Sorry, that job is no longer available. Here are some results that may be similar to the job you were looking for.

304 jobs found

Current Search
cyber security analyst
Senior Information Security Analyst
Acorn Insurance and Financial Services Limited Liverpool
Due to a period of exciting growth Acorn are looking for a highly skilled and experienced Senior Information Security Analyst to join our Information Security Team. Within this role you get the opportunity to join a collaborative team and have a chance to blend GRC responsibilities with technical security experience, all whilst working for a market leading insurance company, supporting and maintaining robust security controls and regulatory compliance.

Job Title: Senior Information Security Analyst (12 month FTC)
Location: Liverpool City Centre, Hybrid working available
Working Hours: Monday to Friday, 37.5 hours per week, 9:00 AM – 5:30 PM
Salary: £50,000 - £60,000 pa (DOE).

What you will be doing:
  • Work with all parties across the business to identify and assess risk and ensure mitigations are tracked to completion.
  • Lead the development and maintenance of information security policies, standards and procedures in line with regulatory frameworks and industry standards.
  • Lead third party risk management processes.
  • Collaborate across all areas of the business to align security policies and processes with business objectives and regulatory obligations.
  • Work with Security Operations and IT teams to provide oversight of vulnerability assessments and remediation activities.
  • Lead on security architecture reviews for new systems and services.
  • Evaluate technical security controls and recommend improvements.
  • Support the implementation of security tools and technologies.
  • Provide oversight of the security incident management process.
  • Provide security metrics for interested parties at all levels.
  • Lead the security awareness programme to promote a culture of security within all levels of the Group.
  • Provide support for internal and external security audits.
  • Lead security governance meetings representing the Information Security team and standing in for the Head of Information Security when required.
  • Provide subject matter expertise liaising across all business functions.

What we look for:
  • Minimum 5 years' experience in information security roles.
  • Strong leadership and mentorship abilities with a strategic mindset.
  • Experience with risk assessment methodologies.
  • Excellent analytical and problem-solving skills with attention to detail.
  • Strong communication skills with the ability to explain complex security concepts to non-technical stakeholders.
  • Ability to manage risk and compliance projects and drive security initiatives.
  • Knowledge of information security frameworks such as ISO 27001 or NIST.
  • Knowledge of vulnerability management processes.

About Acorn Insurance
With over 40 years of experience, Acorn Insurance is a specialist provider dedicated to helping individuals secure motor insurance across the UK. We proudly serve more than 50,000 customers, ensuring they find policies that meet their needs and provide the peace of mind that comes with high-quality cover.

At Acorn Insurance, we offer comprehensive training and continuous in-house coaching. You'll receive in-depth, FCA-regulated industry knowledge and all the tools necessary to grow your career with us. We celebrate diversity and are committed to fostering a culture where everyone feels respected and valued. As a Disability Confident Level 1 and Level 2 employer, we ensure our workplace is accessible and inclusive, encouraging our people to bring their best selves to work every day.

The Acorn Group has been recognised as a Great Place to Work for 2024/5. A record number of employees participated in our survey, overwhelmingly highlighting our welcoming and supportive atmosphere as an excellent place to build a career. We are committed to continuous improvement and have ambitious plans for 2025.

Why Acorn Insurance?
Acorn Insurance want to give you more than a job, we want to give you a purpose and a career. So, what can we offer you as an employer? Some of the "your tomorrow" benefits you will receive include:

Wellbeing:
  • Enhanced Annual Leave entitlement starting at 31 days and potentially increasing to 35 days per year depending on grade & length of service (including bank holidays)
  • Enhanced paternity pay and 16 weeks full maternity pay.
  • Colleague Assistance programme offers a suite of wellbeing services such as:
      • 6 Free Counselling sessions per year
      • Unlimited access to a telephone counsellor 24/7
      • Access to a free 4-week programme of cognitive behavioural therapy (CBT) with a trained therapist mentor.
  • Network of internal qualified mental health first aiders are available to provide support to colleagues.

Financial:
  • A core level of life assurance with the option to increase cover via salary sacrifice and add your spouse/partner
  • Ability to access your earnings before payday via Dayforce Wallet.
  • Company pension scheme
  • Refer a friend scheme with a £250 bonus for every colleague recommended on passing their probation period.
  • Access to a flexible benefits platform including an annual flex pot allowance to spend on over 15 benefits of your choice.
  • Ability to give back. You can opt into donating money to charity to climate positive organisations directly from your salary.

Reward, Recognition and Culture:
  • Long Service Award paid on 5-, 10- and 15-years’ service
  • A reward and recognition hub to celebrate and reward colleagues and peers.
  • Consistent and engaging company events including company awards, competitions and charity fundraisers.
  • Budgets for department leaders to use for social and engagement events.

Please visit our website to view more of our excellent work benefits!

All roles are subject to DBS and Financial checks, any offer made will be conditional until checks are completed to a satisfactory standard. Unfortunately, due to the length of training and complexity of the role, we can only accept applications from candidates who have at least one year remaining on their (Graduate/ Post study work) visa. Unfortunately, we are unable to provide visa sponsorships.

At Acorn, we are committed to creating an inclusive and supportive work environment. We recognise that candidates may have specific needs and are happy to consider reasonable adjustments to the recruitment process and working environment to accommodate individual requirements. Whether it’s modifying equipment, adjusting working hours, or providing additional support, we aim to ensure all employees can perform at their best. If you require any reasonable adjustments, please let us know during the application or interview process, and we will work with you to ensure your needs are met.
25/04/2025
Full time
Senior Technical Operations Analyst
Morson Edge
Technical Operations Analyst
Preston / Remote (onsite when needed)
12 months initially
£41.94ph inside IR35 / Umbrella

Working as part of a team safeguarding against cyber threats by developing and enhancing the Technical Operations capability across People, Process, and Technology, ensuring an efficient approach to all Cyber Operations. Proactively protecting the client through continual automation and testing of security controls. Continuously working toward organisational, departmental, and individual objectives and upholding security standards and principles. Providing assurance to the Head of Cyber Operations and Technical Operations Manager that the SOC is operating efficiently through the use of orchestration and automation.

Core Duties
Typical duties include (but are not limited to):
  • Identification of process that can be automated to make the SOC more effective.
  • Responsible for the overall delivery of the Technical Operations function by providing support to other members of the team to protect the client's systems against cyber threats.
  • Lead in the identification and the creation, maintenance and troubleshooting of SOAR playbooks, automations and enrichments.
  • Apply critical thinking to solve unique problems in the information security space.
  • Enhancing the processes around interacting with large datasets to construct actionable information to enhance the detection of suspicious activity within the business.
  • Onboarding new data sources to increase the visibility of security event information across multiple technologies.
  • Creating security use cases to enable the wider SOC to respond to a wider array of threats.
  • Identify where automation can assist the Incident Response team when investigating suspicious activity.
  • Creation of analytic content to enable quantifiable metrics on SOC performance.

Additional Accountabilities
  • Able to lead a small Data project or support a larger project
  • Work as a fully contributory member of the Cyber Security Team with the ability to deliver with limited guidance from the Line Manager.
  • Expected to provide technical support to team members and provide support to individuals within specialist areas.
  • Guides others in application of IM&T and Cyber processes.
  • Manage own development including participating in on the job training and attending training programmes as appropriate.
  • Provide support to others' development, including the development of people within specialist areas.
  • Responsible for training members of the team, monitoring their quality of work and contributing to pay decisions

Knowledge, Skills and Qualifications
  • A strong technical background with a detailed knowledge of cyber security, computer networks and operating systems.
  • Broad and detailed experience of technologies including but not limited to firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, Linux, TCP/IP, Networks, Cloud, CDNs and Vulnerability Management.
  • Analytical background, comfortable analysing and interpreting large and complex data sets and articulating the story behind any observations along with providing conclusions and recommendations.
  • Detailed knowledge of the current threat landscape, the TTPs frequently employed in those attacks and how we can investigate and mitigate these.
  • Knowledge and demonstrable experience of the MITRE ATT&CK framework.
  • Good knowledge of enterprise computing technologies.

Skills
  • Understanding of enterprise networking and computing
  • Knowledge of Python 3 programming language
  • Demonstrable experience in using SOAR tooling and its application
  • Application of data science against large datasets involving unstructured data and designing data models
  • Knowledge of using SIEM platforms to identify suspected security events and creating content to enhance the platform
  • Knowledge of custom APIs to leverage the SOAR's functionality
  • Ability to communicate to other stakeholders across the business
  • Technical documentation creation
  • Mentoring junior members of the team
  • The ability to obtain UK Government security clearance to SC
  • Relevant industry and vendor qualifications such as CISSP, CISM, CompTIA Security+
  • Cyber security framework knowledge such as MITRE ATT&CK

Organisational, departmental, and individual objectives and upholding security standards and principles. Providing assurance to the Head of Cyber Operations and Technical Operations Manager that the SOC is operating efficiently through the use of orchestration and automation.
13/12/2025
Full time
Senior SOC Analyst (DV Cleared)
Certes IT Service Solutions Milton Keynes, Buckinghamshire
Senior SOC Analyst (DV Cleared)
Duration: 12 Months
Location: Milton Keynes
Rate: £600-£650 per day
IR35 Status: Inside
Start: ASAP

A Senior SOC Analyst (DV Cleared) is required for our Government client to be part of their security team providing a 24x7 service helping to protect the organisation from cyber threats. You will be part of a 24x7 team responsible for monitoring their systems, detecting potential security incidents and initiating the incident response process.

Essential skills & experience required:
  • As the Senior SOC Analyst you will possess current security clearance to DV Level together with experience of SPLUNK within a security operations centre (SOC)
  • Possess excellent problem solving abilities, attention to detail and the capacity to work under pressure and comfortable working within a team environment.
  • Have a good understanding of networking concepts (TCP/IP, DNS etc)
  • Windows and Linux O/Systems
  • Common cyber attack techniques
  • Any Cyber security certifications would be desirable.

Responsibilities include:
  • You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity.
  • Analyse alerts and logs to determine if an event is a genuine security incident or a false positive.
  • You will need to be methodical and follow established procedures to classify and prioritise incidents.
  • For confirmed incidents, you'll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst for deeper investigation.
  • Create detailed tickets and reports for all detected incidents, documenting your findings and the steps you have taken as this is crucial for tracking incidents and for future analysis.
  • Also to assist in the maintenance and optimisation of security tools, ensuring they are working correctly and effectively.

To apply for this role please email your CV to:

Certes IT Service Solutions welcomes applications from all sections of the community and from people with diverse experience and backgrounds. Certes Computing (and all of its subsidiary companies) is committed to promoting equality and diversity in its business operations.
12/12/2025
Full time
Principal Cyber Security Incident Response Analyst
Akkodis
Principal Cyber Security Incident Response Analyst
60,000 - 70,000
Full Time / Permanent
West Midlands / Hybrid (1-2 days a month in the office ideally)

The Role
I am looking for a driven and experienced Principal Cyber Security Incident Response Analyst to join a large nationally recognised brand headquartered in the West Midlands. As a Principal Cyber Security Incident Response Analyst, you will play a pivotal role in protecting critical systems, assets, and people from cyber security threats. You'll be part of a world-class team, working at the forefront of threat detection and response. We are ideally looking for someone Midlands based who can be on site in Warwickshire 1-2 days a month on average.

Responsibilities
  • Provide leadership and mentorship to Analysts and Senior Analysts, fostering a culture of excellence and continuous development.
  • Drive the evolution and enhancement of the Cyber Security Incident Response function, ensuring the team consistently meets and exceeds key performance indicators.
  • Lead investigations and remediation efforts for cyber security incidents and alerts across diverse sources, including network, endpoint, cloud environments, and threat intelligence feeds.
  • Perform in-depth trend analysis to identify patterns and inform improvements in organisational controls and threat detection capabilities.
  • Develop, maintain, and continuously improve documentation and reporting frameworks to support transparency, consistency, and strategic decision-making.

Experience required:
  • Previous experience in a similar Cyber Incident Response Analyst role, preferably in a senior or lead capacity.
  • Strong experience in security monitoring across diverse systems and environments, including cloud and on-premises.
  • Proven leadership in incident response within SOC settings.
  • Deep understanding of the cyber threat landscape, attack vectors, and detection techniques.
  • Proficient in cybersecurity tools, regulations, and compliance standards.
  • Excellent communication and stakeholder engagement skills, with the ability to convey technical insights to varied audiences.

Please apply via the link or contact (url removed) for more information

Modis International Ltd acts as an employment agency for permanent recruitment and an employment business for the supply of temporary workers in the UK. Modis Europe Ltd provide a variety of international solutions that connect clients to the best talent in the world. For all positions based in Switzerland, Modis Europe Ltd works with its licensed Swiss partner Accurity GmbH to ensure that candidate applications are handled in accordance with Swiss law. Both Modis International Ltd and Modis Europe Ltd are Equal Opportunities Employers. By applying for this role your details will be submitted to Modis International Ltd and/ or Modis Europe Ltd. Our Candidate Privacy Information Statement which explains how we will use your information is available on the Modis website.
10/12/2025
Full time
Hays Technology
Lead SOC Analyst
Hays Technology
Your New Company and Role We're partnering with a leading organisation seeking an experienced Lead SOC Analyst to join their team in Glasgow on a 12-month contract. This is a fantastic opportunity to take a leadership role within a 24/7 Security Operations Centre (SOC), protecting critical systems from cyber threats. As a Level 2 SOC Analyst, you'll not only monitor and respond to incidents but also provide guidance and support to junior team members. Your responsibilities will include: Continuous Monitoring: Oversee SIEM tools (including Splunk) to detect suspicious activity and ensure timely response. Incident Triage: Analyse alerts and logs to confirm genuine incidents and prioritise effectively. Initial Incident Response: Execute containment actions and escalate complex cases to senior analysts. Reporting & Documentation: Maintain detailed records of incidents and actions taken for tracking and analysis. Team Leadership: Provide direction and support to junior analysts during shifts and ensure smooth handovers. Tool Management: Assist in maintaining and optimising security tools for peak performance. What You'll Need to Succeed Strong leadership skills with the ability to guide and mentor junior team members. Excellent problem-solving abilities, attention to detail, and ability to work under pressure. Hands-on experience with Splunk in a SOC environment. Solid understanding of networking (TCP/IP, DNS), operating systems (Windows/Linux), and common cyber-attack techniques. A degree in Computer Science, Cybersecurity, IT, or equivalent experience. Certifications such as CompTIA Security+, CySA+, or similar are highly desirable. What You'll Get in Return Competitive daily rate up to 633. 12-month contract with potential for extension. Opportunity to lead within a high-performing SOC team on mission-critical projects. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. 
If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
10/12/2025
Contractor
Hays Technology
Senior SOC Analyst
Hays Technology
Your New Company and Role We're working with a leading organisation seeking a Senior SOC Analyst to join their team in Glasgow on a 12-month contract. This is an exciting opportunity to be at the forefront of cyber defence, protecting critical systems from evolving threats. As part of a 24/7 Security Operations Centre (SOC) team, you'll monitor systems, detect potential incidents, and initiate the incident response process. Your key responsibilities will include: Continuous Monitoring: Use SIEM tools (including Splunk) to identify suspicious activity and respond efficiently. Incident Triage: Analyse alerts and logs to determine genuine incidents and prioritise accordingly. Initial Incident Response: Perform containment actions and escalate to senior analysts for deeper investigation. Reporting & Documentation: Create detailed incident reports and maintain accurate records. Tool Management: Assist in maintaining and optimising security tools for peak performance. What You'll Need to Succeed Strong problem-solving skills, attention to detail, and ability to work under pressure. Excellent communication skills and a collaborative approach. Hands-on experience with Splunk in a SOC environment. Solid understanding of networking (TCP/IP, DNS), operating systems (Windows/Linux), and common cyber-attack techniques. A degree in Computer Science, Cybersecurity, IT, or equivalent experience. Certifications such as CompTIA Security+, CySA+, or similar are highly desirable. What You'll Get in Return Competitive daily rate up to 573. 12-month contract with potential for extension. Opportunity to work in a high-performing SOC team on mission-critical projects. What you need to do now If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV, or call us now. If this job isn't quite right for you, but you are looking for a new position, please contact us for a confidential discussion about your career. 
Hays Specialist Recruitment Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept the T&C's, Privacy Policy and Disclaimers which can be found at (url removed)
10/12/2025
Contractor
Data Idols
Product Data Analyst
Data Idols
Product Data Analyst Salary: 65,000 - 75,000 Location: Fully Remote We are currently looking for a Product Data Analyst to join a fast-growing, innovative, and data-driven tech team within a global cybersecurity education company. You'll play a pivotal role in shaping data strategy and delivering insights that drive smarter decisions across the business. As a Product Data Analyst, you'll own the full data journey, from managing pipelines and creating models to developing visualisations that help teams understand user behaviour and business performance. This is a high-impact role, giving you the chance to transform complex data into meaningful stories that influence strategy and product direction. The Opportunity As part of a rapidly scaling technology company, you'll work with modern data tools to deliver real-time insights and automation. This Product Data Analyst role stands out because you'll have genuine ownership of analytics and visibility across the organisation, not just building dashboards, but defining how data drives growth. Key Responsibilities: Design, build, and maintain data models and pipelines. Create engaging dashboards and visualisations to present findings to non-technical audiences. Collaborate with stakeholders to translate business needs into data-driven outcomes. Use analytics to uncover trends, opportunities, and risks that shape company strategy. Champion data best practices and innovation within the wider team. What's in it for you? Competitive salary (based on geography and experience). Fully remote working - work from anywhere in the world. 2,500 personal development budget for certifications, training, and learning. Health insurance (where applicable). Skills and Experience Must Have: 2+ years' experience as a Data Analyst, Data Engineer, or Analytics Engineer. dbt. Advanced SQL skills and experience with data visualisation tools (Tableau preferred). Knowledge of data modelling, warehousing, and analytics best practices.
Strong communication skills with the ability to explain technical findings clearly. Nice to Have: Exposure to event-based analytics and user behaviour tracking. Understanding of machine learning models and techniques. Experience in a start-up or fast-scaling tech environment. If you'd like to be considered for this exciting Product Data Analyst opportunity and think you'd be a great fit, please click the Apply button below to submit your CV. We look forward to hearing from you!
10/12/2025
Full time
RAIL SAFETY AND STANDARDS BOARD
Principal Control, Command, Signalling, and Communications (CCS&C) Engineer
RAIL SAFETY AND STANDARDS BOARD
We are seeking a Principal Control, Command, Signalling, and Communications (CCS&C) Engineer to provide expert guidance on RSSB's CCS&C standards and signalling projects, with expertise in either conventional signalling or digital signalling. This integral role involves leading the development of system compatibility requirements, ensuring safe integration, and managing operational technology including hardware, firmware, software, and data for signalling, train control, traffic management, SCADA, and remote monitoring systems. This is a permanent, full-time role based at our Fenchurch Avenue office and includes some hybrid working. The closing date for this role is 12th January 2026. Early application is encouraged, and candidates may be contacted before the close date. RSSB reserves the right to close this advertisement early should suitable candidates be identified.
What you'll be doing: Provide technical leadership and expertise on rail systems engineering, predominately control, command, signalling and communications (CCS&C); Lead and contribute to research and innovation projects, standards development, and industry guidance on CCS&C topics, such as conventional signalling, digital signalling, cyber security, and interoperability; Engage with a wide range of stakeholders, including rail operators, infrastructure managers, suppliers, regulators, and academia, to understand their needs and expectations, and to influence and promote best practice in (CCS&C) engineering; Work as part of a multidisciplinary team of engineers, analysts, and specialists, and collaborate with external partners and experts, to deliver high-quality outputs that support RSSB's vision and mission.
What we're looking for: A degree in engineering, computer science, or a related discipline, and a professional qualification (e.g. CEng, IEng, CITP) or equivalent experience; Extensive knowledge and experience in (CCS&C) engineering, and a track record of delivering successful projects and outcomes; Effective communication and interpersonal skills, and the ability to present complex technical information to diverse audiences, both verbally and in writing; Analytical and problem-solving skills, and the ability to apply systems thinking and innovation to (CCS&C) challenges and opportunities; A passion for rail safety and standards, and a commitment to continuous learning and professional development.
Why Join RSSB? We value our people and offer a competitive benefits package, including: 30 days annual leave (plus bank holidays); Private medical and dental cover; Smart working policy; Season ticket loan and travel subsidy; Cycle to work scheme; Volunteer leave; Performance-related bonus; Pension scheme; Learning and development opportunities.
We value diversity and equal opportunities in employment and are committed to creating a workplace which is inclusive to everyone. As a member of the Disability Confident Scheme, we encourage candidates with disabilities who meet the minimum criteria, to apply for our jobs. If you have applied under the Disability Confident Scheme, please let us know in advance by emailing Find out more about Diversity and Inclusion at RSSB: Rail Safety and Standards Board Careers - VERCIDA If you require any reasonable adjustments with respect to our selection process including information in an alternative format, please contact us at We understand the importance of work-life balance and we offer our staff the flexibility to work within our core hours and the option to vary their location between both the office and home. If you are looking for further flexibility, speak to us at interview stage so that we can consider your request.
10/12/2025
Full time
Adecco
Lead Cybersecurity Incident Responder - GIAC, IR, Cyber
Adecco City, London
Lead Cybersecurity Incident Responder - IR, Cyber, Salary: Competitive, based on experience + benefits Location: London / Hybrid (some European travel) About the Organisation This forward-thinking cybersecurity intelligence organisation is recognised as a European leader, partnering with some of the most prominent brands to anticipate, prevent, and respond to emerging threats. You will be joining a highly skilled team made up of some of the sharpest minds in the industry, offering an environment where you can grow, innovate, and make a real impact. Who We're Looking For We are seeking a highly experienced cybersecurity professional with a strong background in incident response and advanced security operations. Essential experience and skills: Extensive hands-on experience in Incident Response (IR), SOC, MSSP, CSIRT, or DFIR, with a proven ability to handle urgent and complex client incidents under pressure. European language is beneficial but not required. Experience working in a 24/7 SOC environment, with a deep understanding of how SOC operations integrate with IR. Expert knowledge of technologies such as Microsoft security stack, DFIR tooling, SIEM, Microsoft Defender/Sentinel, EDR platforms, timeline analysis, and cloud environments (Azure, AWS, or GCP). Exposure to penetration testing, including red team or purple team exercises, is advantageous. Ability to script or automate using Bash, Perl, Python, or PowerShell. Strong analytical mindset and familiarity with hypothesis-driven investigation methods. Confident understanding of compliance, legal requirements, and managing third-party vendor relationships. Solid working knowledge of the MITRE ATT&CK framework. Willingness to take part in on-call rotations. Excellent understanding of the cybersecurity landscape and its impact on modern organisations. Highly desirable certifications: CISSP, CISM, OSCP, GIAC, GCIH, GCFA, GCFE, GPEN, GNFA (holding at least one is preferred).
What You'll Be Doing As the Lead Cybersecurity Incident Responder, you will play a critical role in guiding clients through high-impact, time-sensitive security incidents. Your responsibilities will include: Conducting network, host, and forensic investigations, presenting clear and actionable findings to clients. Providing on-call emergency support and leading swift, effective response actions. Handling complex and sensitive IR engagements across a wide range of industries and technical environments. Acting as a trusted advisor, consulting directly with clients and collaborating with senior leadership. Producing detailed technical reports and executive-level summaries. Mentoring and supporting junior members of the team. This is an exciting opportunity to join a dynamic, highly respected organisation and contribute to meaningful cybersecurity work that protects organisations across Europe. About Adecco Adecco is acting as an Employment Agency. We are proud to be an equal opportunities employer. We are on the client's supplier list for this position. Incident Response, Cyber Incident Responder, DFIR, Digital Forensics, SOC Analyst, Lead Incident Responder, Cybersecurity Analyst, SIEM, Microsoft Sentinel, Microsoft Defender, EDR, Azure Security, AWS Security, GCP Security, Threat Hunting, Cyber Threat Intelligence, MITRE ATT&CK, Red Team, Purple Team, Malware Analysis, Cyber Forensics, Security Operations, Security Engineer, On-Call IR, Penetration Testing, Python, PowerShell, Bash, Cyber Defence, CSIRT, MSSP, Network Forensics, Endpoint Forensics, Cloud Security, IR Lead, Security Consultant.
09/12/2025
Full time
SmartSourcing Ltd
Lead SOC Analyst-SC/DV-nr Glasgow-12mths - up to 653pday Umbrella
SmartSourcing Ltd East Kilbride, Lanarkshire
Cyber Security Lead SOC Analyst, Splunk, DV Security Cleared, required by our government services client at their East Kilbride, Glasgow base. Paying 653 per day - Umbrella Company. Working in a DV (Developed Vetting) Security cleared environment. You will hold a current DV or SC Security Clearance, or be eligible to undertake. The role requires working as part of a 24/7 shift pattern. This pattern will include weekends and bank holidays. To start in the New Year. Skills and Experience Required: Experience of SPLUNK within a Security Operations Centre (SOC). A bachelor's degree in computer science, Cyber Security or relevant experience. You should have a foundational understanding of networking concepts (TCP/IP, DNS, etc.), operating systems (Windows, Linux), and common cyber-attack techniques. Certifications like CompTIA Security+, Cybersecurity Analyst (CySA+), or a similar certification are a significant bonus to the role. Key Responsibilities Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to respond efficiently and professionally against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, you'll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst for deeper investigation. Reporting and Documentation: You'll create detailed tickets and reports for all detected incidents, documenting your findings and the steps you took. This is crucial for tracking incidents and for future analysis.
Managing: You'll provide direction and support to the junior member of the shift and provide handover to the next shift leader. Tool Management: You will assist in the maintenance and optimization of security tools, ensuring they are working correctly and effectively. Please apply online in the first instance. SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity; we are committed to promoting equality and inclusion for all.
09/12/2025
Contractor
SmartSourcing Ltd
Lead SOC Analyst-Splunk SC/DV Cleared-Milton Keynes-£655 a day
SmartSourcing Ltd Milton Keynes, Buckinghamshire
Cyber Security Lead SOC Analysts, Splunk, DV Security Cleared, required by our government services client based in Milton Keynes, Bucks, commutable from Northampton, East Midlands, Bedford, Luton, Peterborough. Paying £655 a day - Umbrella Company. Working in a DV (Developed Vetting) Security cleared environment. You will hold a current DV or SC Security Clearance, or be eligible to undertake. The role requires working as part of a 24/7 shift pattern. This pattern will include weekends and bank holidays. To start in the New Year. Skills and Experience Required: Experience of Splunk within a Security Operations Centre (SOC). A bachelor's degree in computer science, Cyber Security. You should have a foundational understanding of networking concepts (TCP/IP, DNS, etc.), operating systems (Windows, Linux), and common cyber-attack techniques. Certifications like CompTIA Security+, Cybersecurity Analyst (CySA+), or a similar certification are a significant bonus to the role. Key Responsibilities: Continuous Monitoring: You will monitor security tools, including Security Information and Event Management (SIEM) systems, to detect suspicious activity. You will be the first to see potential threats and will need to provide an efficient and professional response against defined processes. Incident Triage: You will analyse alerts and logs to determine if an event is a genuine security incident or a false positive. You will need to be methodical and follow established procedures to classify and prioritize incidents. Initial Incident Response: For confirmed incidents, you'll perform initial containment actions, such as isolating affected systems, and escalate the incident to a Level 2 or 3 analyst for deeper investigation. Reporting and Documentation: You'll create detailed tickets and reports for all detected incidents, documenting your findings and the steps you took. This is crucial for tracking incidents and for future analysis.
Managing: You'll provide direction and support to the junior member of the shift and provide handover to the next shift leader. Tool Management: You will assist in the maintenance and optimization of security tools, ensuring they are working correctly and effectively. Please apply online in the first instance. SmartSourcing are a Disability Confident Employer and we promote, celebrate and value diversity; we are committed to promoting equality and inclusion for all.
09/12/2025
Contractor
Voyage Care
2nd Line IT Support Analyst
Voyage Care Shenstone, Staffordshire
Role Overview and Purpose The 2nd Line IT Support Analyst is responsible for delivering high-quality second-line technical support to Voyage Care staff across the organisation. The post holder will respond promptly to support requests, providing regular updates to users to keep them informed of ticket progress. The successful candidate will contribute as a key member of the team, attending the office two to three times per week as required. This role is responsible for managing ticket escalations from the 1st Line Support team, providing assistance with hardware, software, and infrastructure queries that require a higher level of technical expertise. The post holder is expected to draw on their knowledge and experience to thoroughly troubleshoot and resolve these issues wherever possible. If a problem cannot be remedied at this stage, the analyst is responsible for escalating the ticket to the engineering teams, making certain that all appropriate troubleshooting steps have been completed. Detailed documentation of all actions taken and findings is required, ensuring that subsequent teams have comprehensive information to facilitate a swift resolution. Additionally, the analyst will contribute to service improvement initiatives, such as managing support queues and identifying opportunities for process enhancements on designated days. Professional development is highly encouraged at Voyage Care. The successful applicant will be expected to further their knowledge of the Azure platform and participate in meetings with other business units to gain a deeper understanding of various operational roles and daily tasks. Key Responsibilities Deliver high-quality second-line technical support to staff, ensuring prompt responses and regular updates on ticket progress. Manage ticket escalations from the 1st Line Support team, applying advanced technical knowledge to troubleshoot and resolve hardware, software, and infrastructure issues. 
Escalate unresolved Incidents and Problems to engineering teams, ensuring all troubleshooting steps are thoroughly documented for efficient handover. Provide technical assistance both remotely and on-site, including the installation and maintenance of hardware and software. Maintain and support IT infrastructure, such as PCs, laptops, printers etc., ensuring systems are operating optimally. Accurately log support calls and document fixes within the helpdesk ticketing system for future reference. Liaise with 3rd line support, infrastructure teams, and external suppliers to resolve complex or specialised technical issues. Proactively identify and report potential IT and cybersecurity risks to minimise organisational impact. Contribute to service improvement initiatives by managing support queues and suggesting process enhancements. Create and maintain knowledge articles to support the ongoing development of the service desk knowledge library. Participate in meetings with other business units to enhance understanding of operational roles and support professional development. Skills, Experience and Qualifications: Previous experience in a 2nd line IT support or similar technical support role within a service desk environment. Strong understanding of computer hardware, operating systems (including Windows 10/11), and common software applications. Experience managing user accounts and permissions in Active Directory and Entra ID. Using remote support tools and ticketing systems for logging and tracking incidents. Ability to diagnose and resolve more complex incidents that have been escalated from 1st line support. Knowledge of networking concepts such as TCP/IP, DNS, DHCP, and VPN connectivity. Awareness of cybersecurity best practices and procedures for identifying and escalating risks. IT certifications (e.g., CompTIA A+, Microsoft Certs) are desirable but not essential. Strong organisational skills and the ability to prioritise workload.
Essential Attributes Technical Proficiency: Strong skills in troubleshooting hardware, software, and network issues. Customer Service Skills: Ability to interact professionally and efficiently with users, acting as an internal customer. Documentation: Ability to clearly document technical issues and resolutions. Problem-Solving: Taking ownership of user problems and performing technical diagnosis to find effective solutions. Excellent communication and interpersonal skills for liaising with users and technical teams.
05/12/2025
Full time
Tribe Recruitment
Senior Cybersecurity & Compliance Architect
Tribe Recruitment City, Manchester
Senior Security & Compliance Consultant & Architect. Location: Hybrid - Manchester HQ with occasional customer site visits as required. Salary: Dependent on Experience. Please note - We cannot accept candidates who are currently on, or may require, a Visa at this or any time.
Overview: This role exists to strengthen and mature the security capability across consultancy, architecture, and technical delivery. The successful candidate will design pragmatic security controls, produce actionable roadmaps, understand frameworks such as ISO 27001, CE+, NIST, CIS, and MOD/DEFSTAN, and ensure these controls are implemented effectively across customer environments. A key part of this role is working closely with the security-focused support desk analysts, providing ongoing mentoring, technical guidance, and structured development. This position will help shape and accelerate the growth of the Managed Security Services (MSS) offering.
Key Responsibilities:
Security Architecture & Technical Direction: Define and lead the technical security direction across Microsoft 365, identity, endpoint, network, and cloud layers. Translate framework requirements into practical, phased roadmaps for customer environments. Perform environment reviews and define realistic uplift plans that balance risk, user experience, and operational impact. Ensure architectural decisions are scalable, consistent, and repeatable across multi-tenant estates.
Framework & Compliance Interpretation: Interpret ISO 27001, CE+, NIST CSF, CIS Benchmarks and MOD/DEFSTAN controls into implementable technical actions. Support structured assessments and develop remediation plans with clear prioritisation. Provide the why behind recommendations to achieve stakeholder buy-in and avoid heavy-handed approaches.
Consultancy & Customer Engagement: Act as a senior security advisor to customers at both technical and leadership levels. Communicate security concepts clearly and confidently, tailoring detail to the audience. Present options and risk-based reasoning. Support pre-sales, account management, engineering, and service teams with expert security guidance.
Technical Delivery & Implementation: Lead the end-to-end delivery of complex security transformation programmes, including identity re-architecture, Zero Trust alignment, and phased implementation of modern security controls across multi-tenant estates. Design and implement Conditional Access frameworks that account for risk-based policies, break-glass strategy, device trust, session controls, privileged access scenarios, and operational edge-cases. Oversee full Intune security baselining, including secure device provisioning, compliance models, remediation scripts, endpoint hardening, managed configurations, and integration with incident response. Architect and tune the Microsoft Defender XDR stack, including advanced hunting, alert tuning, automation rules, vulnerability management, attack surface reduction, and integration with SOC workflows. Design firewall and network segmentation strategies that reflect real operational usage, least privilege principles, east-west traffic controls, VPN hardening, and isolation of high-risk or high-value assets. Implement identity governance and access control models covering privileged identity management, entitlement workflows, elevated access justification, and audit-ready forensic traceability. Build out logging, monitoring, and incident response capabilities, ensuring telemetry is collected, correlated, enriched, and actionable for both engineering and SOC teams. Champion technical evidence collection and audit readiness, ensuring controls are measurable, repeatable, and presented clearly during customer or external audits. Validate end-to-end outcomes, confirm alignment between design intent and implementation, and ensure security uplift is embedded into operational practice rather than left as one-off actions.
Mentoring & MSS Growth: Work closely with our security-focused support desk analyst, providing hands-on mentoring, coaching, and progression pathways. Help define the processes, standards, and technical methods that underpin Managed Security Services (MSS). Ensure the internal team understands how and why controls are implemented to drive capability growth across the whole business.
Internal Capability Development: Improve internal documentation, repeatable processes, and delivery frameworks. Provide architectural oversight across security projects and initiatives. Contribute to long-term planning for security service evolution.
Required Experience & Skills:
Technical Expertise: Strong hands-on experience with Microsoft cloud security (Entra ID, Conditional Access, Intune, Defender XDR). Ability to design secure configurations across identity, endpoint, and network layers. Proven experience delivering end-to-end security uplift projects. Solid understanding of Zero Trust concepts and modern security architecture.
Framework Knowledge: Practical understanding of ISO 27001, Cyber Essentials Plus, NIST CSF, CIS Benchmarks and similar Frameworks. Experience turning framework requirements into realistic, implementable controls. Comfortable producing structured gap analyses and remediation pathways.
Consultancy & Communication: Skilled in presenting complex security concepts in simple, actionable terms. Able to influence decision-making through clarity, options, and rationale. Confident working directly with stakeholders ranging from engineers to leadership teams.
Professional Background: Experience in an MSP, consultancy, or multi-tenant environment. Exposure to defence, MOD, or high-assurance environments is strongly beneficial. Security certifications advantageous (AZ-500, SC-100, SC-300, CISSP, CISM etc.).
05/12/2025
Full time
Experis
Digital Operations Manager, IT Manager
Experis
Job Title: Digital Operations Manager/ IT Manager/IT Operations Support Manager Location: London Department: Digital Operations Salary: 65-70k + Benefits Company Overview: We are dedicated to shaping the future of digital infrastructure and services. We are seeking a highly motivated and experienced Digital Operations Manager to oversee the daily operations of our digital ecosystem, ensuring top-tier performance, security, and compliance. This is an exciting opportunity to lead a dynamic team and drive the success of our digital projects. As the Digital Operations Manager, you will play a pivotal role in maintaining the integrity of our IT systems, collaborating closely with cross-functional teams, and ensuring our digital operations meet the highest standards. Key Responsibilities: Team Leadership and Management: Lead, mentor, and manage a diverse team of IT professionals including an Application Support Specialist, Technical Project Manager, Cyber Security and Compliance Analyst, and End-to-End QA Specialist. Allocate resources efficiently to ensure timely and successful project delivery. Conduct regular performance reviews and provide ongoing feedback to foster growth and development within the team. Operational Oversight: Oversee the daily operations of digital systems, applications, and infrastructure. Ensure high availability and performance of all IT services and applications. Implement and maintain monitoring systems to proactively identify and resolve issues. Application Support: Manage application support activities to ensure the prompt resolution of incidents and service requests. Collaborate with the Application Support Manager to develop and implement effective support processes and documentation. Ensure all applications are updated, patched, and maintained in line with best practices. Technical Project Management: Oversee the planning, execution, and delivery of technical projects. 
Work closely with the Technical Project Manager to ensure projects are completed on time, within scope, and budget. Facilitate communication and collaboration between project teams and stakeholders. Cyber Security and Compliance: Ensure the implementation and adherence to cyber security policies and procedures. Collaborate with the Cyber Security and Compliance resources to conduct regular security assessments and audits. Manage compliance with relevant regulations and standards, such as GDPR and Cyber Essentials Plus. Quality Assurance: Oversee the end-to-end quality assurance process for all digital products and services. Work with the End-to-End QA Specialist to develop comprehensive test plans and ensure thorough testing. Ensure quality assurance processes are followed to maintain high standards. Strategic Planning and Improvement: Develop and implement strategies to enhance digital operations and IT service delivery. Identify opportunities for process optimisation and efficiency gains. Stakeholder Communication: Act as the primary point of contact for all digital operations-related matters. Provide regular updates to senior management on the status of projects, operational performance, and security compliance. Facilitate effective communication between IT teams and business units. Problem Solving and Incident Management: Manage and resolve high-priority incidents and critical issues. Conduct root cause analysis and implement corrective actions to prevent recurrence. Develop and maintain incident response plans and procedures. Requirements: Proven experience as a Digital Operations Manager, IT Manager, Support Manager, or similar role. Strong leadership and team management skills with the ability to mentor and inspire a diverse team. Excellent understanding of IT infrastructure, application support, and digital operations. Demonstrated experience in managing technical projects and ensuring successful delivery. 
In-depth knowledge of cyber security principles and compliance requirements. Strong understanding of quality assurance processes and methodologies. Exceptional problem-solving and analytical abilities. Excellent communication and interpersonal skills, with the ability to engage effectively with stakeholders at all levels. Familiarity with IT service management (ITSM) frameworks such as ITIL. Relevant certifications (e.g., PMP, CISSP, ITIL) are advantageous. What We Offer: Competitive salary and benefits package. A dynamic, collaborative work environment with opportunities for professional development and growth. A chance to lead and shape the future of digital operations. People Source Consulting Ltd is acting as an Employment Agency in relation to this vacancy. People Source specialise in technology recruitment across niche markets including Information Technology, Digital TV, Digital Marketing, Project and Programme Management, SAP, Digital and Consumer Electronics, Air Traffic Management, Management Consultancy, Business Intelligence, Manufacturing, Telecoms, Public Sector, Healthcare, Finance and Oil & Gas.
04/12/2025
Full time
Cooper Golding
Service Desk Analyst
Cooper Golding Exeter, Devon
Excellent opportunity for a Service Desk Analyst to join a leading IT and Communications service provider in the South West. Job Title: Service Desk Analyst Job Type: Permanent; Full Time Salary: £25,000 - £30,000 Location: Exeter About the Service Desk Analyst role : Join a constantly growing team in a company that has clients across the UK and beyond with a penchant for progression. You will be working with clients on a daily basis, supporting their continued success via our ticketing platform and remote support software as well as regular visits to client premises. You will have a logical approach and attention to detail, be confident, highly organised, flexible, reliable and able to manage tasks and prioritise within tight deadlines. Key responsibilities of the Service Desk Analyst: - Provide first line technical support to our customers via our ticketing platform, email, phone and remote support tools - Diagnose and resolve common desktop, laptop, printer and basic networking issues - Set up and configure new user accounts, devices and applications - Assist with routine maintenance tasks, patching and monitoring - Escalate more complex issues to senior engineers where appropriate - Support small project tasks under the guidance of more senior team members - Accurately document work, updates and solutions in our service desk system Requirements of the Service Desk Analyst: - Motivated team player with high standards of customer service - Excellent analytical and problem-solving skills, with a strong attention to detail even when working under pressure. 
- Methodical and able to approach complex problems logically - Excellent written and verbal communication skills at all levels, both technical and non-technical audiences, including 3rd party vendor communications as part of a larger project team - Aptitude for continuous learning and development, including self-directed study when appropriate - You must be enthusiastic, inquisitive, presentable, confident & articulate with an excellent telephone manner - Your own car and a clean driving licence would be advantageous (costs will be reimbursed) - Degree-level or higher qualification in BSc Cyber Security, BSc Computer Science, BSc Software Engineering, BSc Mathematics, MSc Cyber Security is desirable - Any relevant industry certifications Must be able to demonstrate some of the following: - Knowledge of Microsoft operating systems ideally up to Windows Server 2025 and certainly Windows 11, including Active Directory and DNS - Understanding of network topologies including wired / wireless, switching, security and VLANs. - Implementation of networking upgrades desirable - Experience of basic security hardening and penetration testing would be advantageous - Experience of conducting audits e.g. asset management, cyber security etc. - Experience with PowerShell for administration and automation - Experience of supporting organisations to achieve Cyber Essentials / CE+ a distinct advantage - Office 365 Administration. 
Office 365 migration experience desirable - Azure Administration and migration experience - Experience of server and workstation hardware builds, fault diagnosis and problem resolution - Experience of a wide range of Endpoint Security solutions and managed mail security, including centralised management and monitoring - Familiarity with patch management, configuration management and MDM solutions desirable - Experience of the managed deployment of client applications and application migration - Experience with SQL Server and SQL database administration and upgrades would be advantageous - Familiarity with supporting all common end user software including Microsoft Office - Experience of technical writing, documenting solutions or writing / designing training materials - Experience with other scripting and programming languages e.g. Python, Go, Swift etc. Benefits of the Service Desk Analyst: - Paid holidays + Bank Holidays - Opportunities to progress
04/12/2025
Full time
First Choice Recruitment Services
It Security Analyst
First Choice Recruitment Services Bromsgrove, Worcestershire
IT Security Analyst Bromsgrove Permanent Salary c£35k This is an exciting opportunity for an IT Security Analyst to join our client's experienced and collaborative IT team. The company is growing and therefore they offer excellent opportunities to progress. The role will focus on supporting and implementing new ways of working to protect the company from a range of cyber and security threats. Candidates will need 2/3 years' experience of working as a Security Analyst, including monitoring vulnerability and threats, risk mitigation and implementation of robust security policies. This role is to be based at the Bromsgrove office but regular travel to Tewkesbury as required. Hybrid working an option after initial 6 months. Security Check (SC) will be required therefore the role is only open to British Nationals. Key Responsibilities Monitor and analyse security events and alerts. Perform initial triage, investigation, and classification of potential security incidents alongside the Cyber Security Consultant. Monitor security alerts from various sources and respond promptly, escalating as necessary. Generate reports on key metrics, processes, and the performance of different workflows. Escalate incidents to the appropriate teams based on severity and impact. Maintain, tune, and create alerts, playbooks, graphs, and other documentation following industry and international standards under the guidance of the Cyber Security Consultant. Respond to cybersecurity incidents by adhering to standard operating procedures (SOPs) and playbooks, under the supervision of the Cyber Security Consultant. Conduct root cause analysis and document findings and lessons learned from security incidents with the Cyber Security Consultant. Work with IT and security teams to contain and resolve threats. Keep incident logs, reports, and tickets updated within incident tracking systems. Assist in threat intelligence gathering and analysis to enhance detection capabilities. 
Participate in vulnerability management activities. Update and oversee the software inventory. Support compliance reporting and audits. Assist in IT service desk activities. Stay updated with emerging cyber threats, attack techniques, and security trends. Perform any additional duties delegated by the IT Manager to ensure efficient management of the Company. Key skills: Candidates will need recent work history of working in a similar role. Degree Educated would be an advantage. A strong understanding of firewalls, intrusion detection systems and other security technologies is essential. Familiar with ethical hacking and penetration testing an advantage. The ability to analyse complex data and identify potential security threats is essential. Excellent communication skills required to communicate with both technical and nontechnical stakeholders, explaining security issues and policies clearly. To apply please forward your up to date CV and/or call us for more information. First Choice Recruitment are a privately owned independent Recruitment service provider, we act as an employment agency for permanent recruitment and as an employment business for temporary recruitment. Our service is a free and confidential service to work seekers.
04/12/2025
Full time
OCC Computer personnel
Information Security Assurance Analyst
OCC Computer personnel Uttoxeter, Staffordshire
Information Security Assurance, Compliance Analyst Staffordshire We're looking for an experienced Information Security Compliance & Assurance Analyst to own a brand-new role with real scope to make an impact. Are you ready to take the lead in keeping data secure and driving compliance across a growing organisation? You'll build frameworks from scratch, be the go-to person for audits, assessments, and compliance, and help shape the way the business manages security. In this role, you'll manage policies, maintain the Cyber Risk Register, and ensure all sites stay aligned while swiftly closing any gaps. In addition, you'll lead third-party reviews, prepare the business for certifications, run engaging training sessions, and oversee penetration testing, IT audits, and investigations. Working across IT, OT, and cloud environments, you'll provide actionable recommendations and ensure compliance is front-of-mind for the whole organisation. We're looking for someone with strong experience in assurance, compliance, or audit, strong knowledge of UK data protection including GDPR, and familiarity with frameworks like NIST or Cyber Essentials. You'll need a sharp eye for detail and the confidence to influence change across teams. This is your chance to shape the role globally, implement meaningful improvements, and leave a lasting mark on a company that values security and compliance. This is an exciting opportunity to work on both audits and the development of innovative programmes within a well-established organisation that offers excellent prospects for career progression and development. For more information, get in touch.
03/12/2025
Full time
Summer-Browning Associates
SOC ANALYST SECURITY OPERATIONS CENTRE (SOC)
Summer-Browning Associates Bletchley, Buckinghamshire
SOC ANALYST CYBER SECURITY ANALYST Summer-Browning Associates is supporting our client in the Central Government who is seeking a SOC / Cyber Security Analyst for an initial 6-month assignment, with the possibility of extension. Location: Milton Keynes London Hybrid The ideal candidates will hold active SC or DV clearance and have a proven background in Cyber Security Operation Centres working within a high-threat government environment: Experience in SOC operations, incident response, and forensic analysis. Proficiency in Security Information and Event Management (SIEM), including tools such as Sentinel, Splunk, Defender, Qualys, Tenable, Huntsman & LogRhyth Ability to perform triage of security events to determine their scope, priority, and impact, while making recommendations for efficient remediation. Experience in network security principles, firewalls, and access control mechanisms Knowledge of navigating secure environments in the public sector/defence sector effectively. To apply, please submit your latest CV for review.
02/12/2025
Contractor
Data Idols
Senior Data Analyst
Data Idols
Senior Data Analyst Salary: 65,000 - 75,000 Location: Fully Remote We are currently looking for a Senior Data Analyst to join a fast-growing, innovative, and data-driven tech team within a global cybersecurity education company. You'll play a pivotal role in shaping data strategy and delivering insights that drive smarter decisions across the business. As a Senior Data Analyst, you'll own the full data journey, from managing pipelines and creating models to developing visualisations that help teams understand user behaviour and business performance. This is a high-impact role, giving you the chance to transform complex data into meaningful stories that influence strategy and product direction. The Opportunity As part of a rapidly scaling technology company, you'll work with modern data tools to deliver real-time insights and automation. This Senior Data Analyst role stands out because you'll have genuine ownership of analytics and visibility across the organisation, not just building dashboards, but defining how data drives growth. Key Responsibilities: Design, build, and maintain data models and pipelines. Create engaging dashboards and visualisations to present findings to non-technical audiences. Collaborate with stakeholders to translate business needs into data-driven outcomes. Use analytics to uncover trends, opportunities, and risks that shape company strategy. Champion data best practices and innovation within the wider team. What's in it for you? Competitive salary (based on geography and experience). Fully remote working - work from anywhere in the world. 2,500 personal development budget for certifications, training, and learning. Health insurance (where applicable). Skills and Experience Must Have: 2+ years' experience as a Data Analyst, Data Engineer, or Analytics Engineer. dbt Advanced SQL skills and experience with data visualisation tools (Tableau preferred). Knowledge of data modelling, warehousing, and analytics best practices. 
Strong communication skills with the ability to explain technical findings clearly. Nice to Have: Exposure to event-based analytics and user behaviour tracking. Understanding of machine learning models and techniques. Experience in a start-up or fast-scaling tech environment. If you'd like to be considered for this exciting Senior Data Analyst opportunity and think you'd be a great fit, please click the Apply button below to submit your CV. We look forward to hearing from you!
02/12/2025
Full time
MBDA
CERT Incident Responder
MBDA
Bolton The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). Salary: £50,000 - £60,000 depending on experience Dynamic (hybrid) working: Minimum 2 days per week on-site due to workload classification Security Clearance: British Citizen or a Dual UK national with British citizenship. Restrictions and/or limitations relating to nationality and/or rights to work may apply. As a minimum and after offer stage, all successful candidates will need to undergo HMG Basic Personnel Security Standard checks (BPSS), which are managed by the MBDA Personnel Security Team. What we can offer you: Company bonus: Up to £2,500 (based on company performance and will vary year to year) Pension: maximum total (employer and employee) contribution of up to 14% Overtime: opportunity for paid overtime Flexi Leave: Up to 15 additional days Flexible working: We welcome applicants who are looking for flexible working arrangements Enhanced parental leave: offers up to 26 weeks for maternity, adoption and shared parental leave - enhancements are available for paternity leave, neonatal leave and fertility testing and treatments Facilities: Fantastic site facilities including subsidised meals, free car parking and much more Healthcare Cash Plan: The Healthcare Cash Plan benefit provides the option to claim cash back on everyday healthcare expenses such as optical, dental, health and wellbeing and more. The opportunity: The CERT Incident Responder is responsible for leading digital forensics and incident response (DFIR) readiness while also advancing the organisation's Adversarial Exposure Validation (AEV), including Red and Purple Team activities. 
The role ensures detection, response, and control validation against real-world threat actor tactics, techniques, and procedures (TTPs). This is a Next step role for an experienced Analyst with a passion for Incident response and Threat mitigation. Essentials: Lead digital forensics and incident response (DFIR) activities, ensuring lab readiness, artefact management, and delivery of forensic objectives. Maintain and enhance forensic tools and environments (e.g., Magnet Axiom, Autopsy) to ensure operational capability. Conduct detailed forensic analysis, malware reverse engineering, and cyber investigation of complex incidents. Ensure effective chain of custody, artefact preservation, and evidence handling processes. Maintain accurate digital forensics documentation, incident playbooks, and readiness rehearsal materials. Lead and execute tabletop exercises (TTEx) to test and improve incident response and forensic readiness. Perform network and endpoint investigations, including AV scans, incident remediation, and validation of security alerts. Collaborate with IM/DEx and Security Operations to enhance incident reporting, alerting, and notification services. Deputise for CERT responders during major incidents or third-party attacks, coordinating with national and international partners (e.g., NCPC). Develop and maintain enterprise security documentation, including policies, standards, baselines, and playbooks. Desirables: Identify root causes of security incidents and recommend sustainable mitigation strategies. Manage remediation and closure of security cases, ensuring timely implementation of corrective actions. Develop and maintain threat scenarios to validate detection and response across SOC, EDR, SIEM, and XDR platforms. Translate threat intelligence into testable hypotheses and simulation exercises in collaboration with Threat Intelligence teams. Utilise adversarial emulation tools (Caldera, Atomic Red Team, AttackIQ, SCYTHE, Cobalt Strike, etc.) 
to replicate realistic attacker behaviours. Research and integrate emerging threats and TTPs into adversary emulation and validation methodologies. Produce detailed reporting and metrics on detection coverage, response performance, and control effectiveness. Support the wider IM/DEx team by validating new or updated controls against advanced threat simulations. Support SOC operations with investigation, alert triage, and implementation of lessons learned from adversarial validation and DFIR activities. Research and evaluate emerging security tools, technologies, and methodologies; provide gap analysis and recommendations to influence investment. Deliver metrics, dashboards, and reports demonstrating adversarial resilience and capability maturity. Contribute to small-to-medium cyber projects enhancing threat detection, emulation, and response maturity. What we're looking for from you: Demonstratable experience handling incidents, such as: Ransomware containment + remediation Business email compromise investigations Cloud account takeover Insider threat events Large-scale phishing attacks Leading incident response calls, advising leadership, and writing executive summaries Our company: Peace is not a given, Freedom is not a given, Sovereignty is not a given MBDA is a leading defence organisation. We are proud of the role we play in supporting the Armed Forces who protect our nations. We partner with governments to work together towards a common goal, defending our freedom. We are proud of our employee-led networks, examples include: Gender Equality, Pride, Menopause Matters, Parents and Carers, Armed Forces, Ethnic Diversity, Neurodiversity, Disability and more We recognise that everyone is unique, and we encourage you to speak to us should you require any advice, support or adjustments throughout our recruitment process. Follow us on LinkedIn (MBDA), X Instagram (MBDA_UK) and Glassdoor or visit our MBDA Careers website for more information. JBRP1_UKTJ
02/12/2025
Full time

© 2008-2025 IT Job Board