Director / Head of Security Operations (Greenfield SOC Build - Central Government) Contract: 2+ Years Location: UK Hybrid / Remote Clearance: SC Desirable Sector: Central Government / Cyber Security Leadership Position Overview This appointment represents a rare opportunity to lead the establishment of a new, world-class Security Operations capability for a major central government organisation. The Director / Head of Security Operations will take ownership of defining the vision, shaping the security operating environment, and leading the implementation of a fully modernised SOC that underpins high-assurance digital services at national scale. Rather than inheriting an existing function, the successful candidate will design and build the SOC from the ground up-setting strategic direction, selecting and integrating technologies, forming specialist teams, and embedding a proactive, intelligence-led security culture. This role requires a senior cyber leader who has successfully created or transformed SOC environments in government or other highly regulated sectors and who is comfortable operating at the intersection of strategy, architecture, and operational delivery. Core Areas of Accountability 1. Strategic Leadership and SOC Direction Establish the long-term vision, purpose, and operating construct for a modern, scalable SOC capable of supporting sensitive, high-volume government digital services. Set out the capability roadmap, defining service layers, command structure, resourcing needs, and maturity targets. Produce a SOC blueprint that supports reuse, standardisation, and extensibility across wider government environments. 2. Creation of the SOC Capability Build out the full operational capability, including monitoring, detection engineering, cyber analytics, threat intelligence, forensics, and incident response. Lead the selection, integration, and alignment of tools, platforms, and cloud-native services into a unified security ecosystem. Embed automation-first and AI-enhanced approaches to uplift detection, response speed, and operational resilience. 3. Security Governance, Assurance and Risk Ownership Provide authoritative leadership across cyber risk, operational assurance, investigative processes, and security governance frameworks. Ensure the SOC supports stringent data protection, identity management, and access control requirements, including PIM/PAM. Develop coherent processes for resilience, escalation, containment, and recovery across critical services. 4. Supplier, SME and Ecosystem Coordination Direct a blended model of internal teams, external partners, SMEs, and specialist consultancies. Hold delivery partners to account for performance, quality, and alignment with the SOC strategy. Oversee the technical and commercial evolution of services delivered under multi-year Statements of Work. 5. Stakeholder Influence and Organisational Alignment Act as the senior cyber representative for the programme, engaging Directors, C-level leaders, digital delivery groups, architects, and operational teams. Shape security behaviours, embed best practice, and develop a culture of proactive defence across the organisation. Support wider transformation initiatives by advising on security patterns, architectural direction, and investment priorities. Required Background and Expertise Leadership experience as Head of SOC, SOC Director, or senior cyber operations leader within central government or a high-assurance regulated environment. Proven track record of building SOC capabilities from scratch, including technology architecture, operating models, and service frameworks. Deep knowledge of SOC functions, cloud-native defence approaches, security engineering practices, and modern detection and response architectures. Strong understanding of identity security, privileged access, data protection controls, and secure-by-design principles. Experience governing multi-supplier environments and leading multidisciplinary cyber teams. Strong familiarity with cloud platforms (including Azure, AWS and multi-cloud), automation tooling, Terraform, CI/CD pipelines, GitHub, and security-focused scripting such as Python or JavaScript. Desirable Attributes Experience contributing to or defining AI-related security strategies, including risk assessment and regulatory interpretation. Background developing reusable or exemplar operating models that can scale across multiple business units or departments. Ability to thrive in an environment undergoing significant modernisation and organisational change. If interested, please apply and I will be in touch to set up a confidential conversation later today. GCS is acting as an Employment Business in relation to this vacancy.
10/12/2025
Contractor
Director / Head of Security Operations (Greenfield SOC Build - Central Government) Contract: 2+ Years Location: UK Hybrid / Remote Clearance: SC Desirable Sector: Central Government / Cyber Security Leadership Position Overview This appointment represents a rare opportunity to lead the establishment of a new, world-class Security Operations capability for a major central government organisation. The Director / Head of Security Operations will take ownership of defining the vision, shaping the security operating environment, and leading the implementation of a fully modernised SOC that underpins high-assurance digital services at national scale. Rather than inheriting an existing function, the successful candidate will design and build the SOC from the ground up-setting strategic direction, selecting and integrating technologies, forming specialist teams, and embedding a proactive, intelligence-led security culture. This role requires a senior cyber leader who has successfully created or transformed SOC environments in government or other highly regulated sectors and who is comfortable operating at the intersection of strategy, architecture, and operational delivery. Core Areas of Accountability 1. Strategic Leadership and SOC Direction Establish the long-term vision, purpose, and operating construct for a modern, scalable SOC capable of supporting sensitive, high-volume government digital services. Set out the capability roadmap, defining service layers, command structure, resourcing needs, and maturity targets. Produce a SOC blueprint that supports reuse, standardisation, and extensibility across wider government environments. 2. Creation of the SOC Capability Build out the full operational capability, including monitoring, detection engineering, cyber analytics, threat intelligence, forensics, and incident response. Lead the selection, integration, and alignment of tools, platforms, and cloud-native services into a unified security ecosystem. Embed automation-first and AI-enhanced approaches to uplift detection, response speed, and operational resilience. 3. Security Governance, Assurance and Risk Ownership Provide authoritative leadership across cyber risk, operational assurance, investigative processes, and security governance frameworks. Ensure the SOC supports stringent data protection, identity management, and access control requirements, including PIM/PAM. Develop coherent processes for resilience, escalation, containment, and recovery across critical services. 4. Supplier, SME and Ecosystem Coordination Direct a blended model of internal teams, external partners, SMEs, and specialist consultancies. Hold delivery partners to account for performance, quality, and alignment with the SOC strategy. Oversee the technical and commercial evolution of services delivered under multi-year Statements of Work. 5. Stakeholder Influence and Organisational Alignment Act as the senior cyber representative for the programme, engaging Directors, C-level leaders, digital delivery groups, architects, and operational teams. Shape security behaviours, embed best practice, and develop a culture of proactive defence across the organisation. Support wider transformation initiatives by advising on security patterns, architectural direction, and investment priorities. Required Background and Expertise Leadership experience as Head of SOC, SOC Director, or senior cyber operations leader within central government or a high-assurance regulated environment. Proven track record of building SOC capabilities from scratch, including technology architecture, operating models, and service frameworks. Deep knowledge of SOC functions, cloud-native defence approaches, security engineering practices, and modern detection and response architectures. Strong understanding of identity security, privileged access, data protection controls, and secure-by-design principles. Experience governing multi-supplier environments and leading multidisciplinary cyber teams. Strong familiarity with cloud platforms (including Azure, AWS and multi-cloud), automation tooling, Terraform, CI/CD pipelines, GitHub, and security-focused scripting such as Python or JavaScript. Desirable Attributes Experience contributing to or defining AI-related security strategies, including risk assessment and regulatory interpretation. Background developing reusable or exemplar operating models that can scale across multiple business units or departments. Ability to thrive in an environment undergoing significant modernisation and organisational change. If interested, please apply and I will be in touch to set up a confidential conversation later today. GCS is acting as an Employment Business in relation to this vacancy.
Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3 6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end-to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Managerwith a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives, helping them meet regulatory and industry security standards. Cyber Security & Centralised Services Manager Key Skills & Experience: Proven experience in a 3rd Line / Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud security architectures. Hands-on experience with endpoint protection, EDR/MDR/XDR platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Strong communication skills with the ability to present technical and security findings to non-technical stakeholders and clients. Proactive mindset in threat hunting, risk assessments and continuous improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator / Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part of a technically strong, supportive and collaborative security-conscious team in central London. Play a key role in strategic security projects, incident response and continuous improvement initiatives. Access ongoing training, certifications and professional development in cybersecurity. Join a company that holds the core values of Honesty, Accountability, Commitment, Innovation, Expertise and Collaboration
09/12/2025
Full time
Cyber Security & Centralised Services Manager Location: London Bridge Company: Managed Service Provider (MSP) This role will be office-based for the first 3 6 months, with the option to move to a hybrid working arrangement thereafter. Our client is a well-established MSP based in London Bridge. They are a close-knit team of 30 IT professionals delivering end-to-end technology services and support to a diverse range of clients, with a strong emphasis on cybersecurity, resilience and regulatory compliance. The Opportunity: We are seeking an experienced Cyber Security & Centralised Services Managerwith a strong cybersecurity focus to join our growing technical team. In this pivotal role, you will: Act as the primary escalation point for complex IT and cybersecurity incidents. Manage and secure core client infrastructure and cloud environments. Ensure centralised security, monitoring, and incident response platforms operate effectively. You will collaborate closely with our Service Desk, Projects and Account Management teams to maintain high standards of service, document solutions and mentor junior engineers in line with cybersecurity best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Key Responsibilities Cyber Security & Centralised Services Manager: Serve as the primary escalation point for complex IT and cybersecurity incidents, including malware infections, ransomware attacks, phishing attempts, and unauthorised access events. Monitor, analyse, and respond to alerts from client security platforms (MDR/XDR, SentinelOne, Huntress, Fortinet, Mimecast, Avanan, Defender) to ensure rapid threat mitigation. Conduct vulnerability assessments, risk analyses and security audits across client environments, providing actionable recommendations and remediation guidance. Implement and maintain security hardening across infrastructure, cloud services, endpoints, and networks, in alignment with best practices and frameworks such as ISO27001, NIST, and Cyber Essentials Plus. Lead and coordinate incident response efforts, including root cause analysis, threat containment and post-incident reporting for clients. Collaborate with the Project and Service Desk teams to embed security into deployments, migrations, upgrades, and automation workflows, ensuring systems remain secure by design. Maintain and improve Standard Operating Procedures (SOPs) for security operations, ensuring knowledge is shared across the team for rapid incident handling. Provide mentorship and cybersecurity guidance to junior engineers and Service Desk staff, fostering a culture of security awareness and proactive threat management. Perform ongoing threat intelligence monitoring and security trend analysis to anticipate risks and protect client environments. Support clients in security reporting, compliance reviews, and continuous improvement initiatives, helping them meet regulatory and industry security standards. Cyber Security & Centralised Services Manager Key Skills & Experience: Proven experience in a 3rd Line / Senior Engineer role within an MSP or security-focused IT environment, supporting multiple clients and environments. Strong knowledge of Microsoft technologies (Azure, Microsoft 365, SharePoint, Intune/Entra) with a focus on security configuration, hardening and monitoring. In-depth understanding of networking, firewalls, VPNs, Windows Server, Active Directory and hybrid cloud security architectures. Hands-on experience with endpoint protection, EDR/MDR/XDR platforms, email security, RMM tools, and centralised monitoring systems. Familiarity with security frameworks and compliance standards, including Cyber Essentials, Cyber Essentials Plus, ISO27001, NIST, and GDPR requirements. Skilled in vulnerability management, threat detection, incident response, and remediation planning, including experience with ransomware and phishing mitigation. Strong communication skills with the ability to present technical and security findings to non-technical stakeholders and clients. Proactive mindset in threat hunting, risk assessments and continuous improvement of client security posture. Mentorship and leadership experience, providing cybersecurity guidance to junior engineers and Service Desk teams. Cyber Security & Centralised Services Manager - Desirable Certifications: Microsoft Certified: Azure Administrator / Solutions Expert CompTIA Security+, CISSP, CISM or equivalent cybersecurity qualification ITIL Foundation Vendor-specific certifications (Fortinet, SentinelOne, Datto, Mimecast, Huntress, etc.) Why Join the Company: Be part of a technically strong, supportive and collaborative security-conscious team in central London. Play a key role in strategic security projects, incident response and continuous improvement initiatives. Access ongoing training, certifications and professional development in cybersecurity. Join a company that holds the core values of Honesty, Accountability, Commitment, Innovation, Expertise and Collaboration
Senior Security Engineer Microsoft Solutions Partner Edinburgh Highly Competitive Pay, Performance Bonus + Exceptional Benefits Strengthen Defences. Hunt Threats. Shape the Future of Cybersecurity. Are you ready to take your cyber security expertise to the next level? Join Quorum, a leading Microsoft Solutions Partner and Tier 1 CSP based in Scotland. We re not your average IT consultancy we re employee-owned, award-winning, and proud holders of 5 out of 6 Microsoft Designations and 3 Specialisations in Cloud Security, Identity & Access Management, and Microsoft Teams Calling. Now, we re growing our Managed Security Services team and looking for a Senior Security Engineer with a passion for proactive threat detection, automation, and innovation. Why Join Quorum? Highly competitive salary + Bonus scheme linked to Microsoft accreditations Flexible holiday buying/selling Home broadband paid Private health care & contributory pension Dedicated technical training budget and development pathways Award-winning family-friendly and flexible working culture A genuinely friendly, collaborative team environment with low turnover What You'll Be Doing: As a Senior Security Engineer, you'll be a key player in our mission to protect, detect, and respond to evolving cyber threats. Your day-to-day will include: Leading as an escalation point for cyber incidents and alerts Integrating threat intelligence into Microsoft Defender and Sentinel Developing, tuning, and managing detection rules and response policies Performing threat hunting across client environments Maintaining and optimising our security tech stack (Defender XDR, Sentinel, Entra ID, Azure, M365) Onboarding clients to security platforms and managing secure configurations Supporting internal and client teams with technical reporting and analysis Mentoring junior engineers and contributing to a culture of continuous improvement What We re Looking For: 3+ years in cyber security, ideally within a Managed Service Provider Deep experience with Microsoft Defender suite (MDE, MDO, MDCA, MDI) and Microsoft Sentinel Strong knowledge of KQL, Logic Apps, and automation/orchestration tools Skilled in endpoint, identity, and cloud security Familiar with Microsoft 365 and Azure security best practices Excellent communicator comfortable explaining complex security risks to both tech teams and business leaders Passion for learning, team mentorship, and staying ahead of cyber threats Bonus points if you hold certifications such as SC-100, SC-200, CompTIA Security+, or Network+ What s Next? If you re an experienced security engineer who thrives in a fast-paced, supportive environment and you re ready to help shape the future of cyber defence for a diverse client base we want to hear from you. Apply today and make your next career move your best yet.
03/12/2025
Full time
Senior Security Engineer Microsoft Solutions Partner Edinburgh Highly Competitive Pay, Performance Bonus + Exceptional Benefits Strengthen Defences. Hunt Threats. Shape the Future of Cybersecurity. Are you ready to take your cyber security expertise to the next level? Join Quorum, a leading Microsoft Solutions Partner and Tier 1 CSP based in Scotland. We re not your average IT consultancy we re employee-owned, award-winning, and proud holders of 5 out of 6 Microsoft Designations and 3 Specialisations in Cloud Security, Identity & Access Management, and Microsoft Teams Calling. Now, we re growing our Managed Security Services team and looking for a Senior Security Engineer with a passion for proactive threat detection, automation, and innovation. Why Join Quorum? Highly competitive salary + Bonus scheme linked to Microsoft accreditations Flexible holiday buying/selling Home broadband paid Private health care & contributory pension Dedicated technical training budget and development pathways Award-winning family-friendly and flexible working culture A genuinely friendly, collaborative team environment with low turnover What You'll Be Doing: As a Senior Security Engineer, you'll be a key player in our mission to protect, detect, and respond to evolving cyber threats. Your day-to-day will include: Leading as an escalation point for cyber incidents and alerts Integrating threat intelligence into Microsoft Defender and Sentinel Developing, tuning, and managing detection rules and response policies Performing threat hunting across client environments Maintaining and optimising our security tech stack (Defender XDR, Sentinel, Entra ID, Azure, M365) Onboarding clients to security platforms and managing secure configurations Supporting internal and client teams with technical reporting and analysis Mentoring junior engineers and contributing to a culture of continuous improvement What We re Looking For: 3+ years in cyber security, ideally within a Managed Service Provider Deep experience with Microsoft Defender suite (MDE, MDO, MDCA, MDI) and Microsoft Sentinel Strong knowledge of KQL, Logic Apps, and automation/orchestration tools Skilled in endpoint, identity, and cloud security Familiar with Microsoft 365 and Azure security best practices Excellent communicator comfortable explaining complex security risks to both tech teams and business leaders Passion for learning, team mentorship, and staying ahead of cyber threats Bonus points if you hold certifications such as SC-100, SC-200, CompTIA Security+, or Network+ What s Next? If you re an experienced security engineer who thrives in a fast-paced, supportive environment and you re ready to help shape the future of cyber defence for a diverse client base we want to hear from you. Apply today and make your next career move your best yet.
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
02/12/2025
Contractor
World Class Defence Organisation based in Stevenage, Hertfordshire is currently looking to recruit 8x SOC Threat Detection Analyst subcontractors on an initial 6 month contract. This role can start on an SC Security Clearance basis, however DV Clearance will be required down the line. This role would suit someone from a Cyber Security Analyst, SOC Analyst or Threat Detection Analyst background. Hourly Rate: 45ph - 85 per hour. There are 8 positions being recruited across the mid-senior level. Overtime rate of time and a quarter. Contract Duration: 6 Months initially and long-term thereafter. Shift pattern: 28 day Cycle Sat to Tue - Earlies (Apply online only) Wed to Sun - Off Mon to Fri - Lates (Apply online only) Sat to Tue Off Wed to Sun - Nights (Apply online only) (The type of shift rotates along the pattern through, so the start of the next 28 day cycle they start with lates -> Nights -> earlies then next cycle: Nights -> earlies -> lates) 28 days = 4 weeks, 14 days worked per 28 days, 3.5 days worked per week, 3.5 x 8 = 28 hours per week Initially may not be expected to do nights until team grows. SOC Threat Detection Analyst Job Description: An opportunity has arisen in the cyber security operations centre (SOC) within Information Management (IM) for a SOC Threat Detection Analyst. Supporting the Senior SOC analysts in assisting IM meet the challenges and demands of countering the Cyber Threat. The successful applicant will drive a proactive ethos in an ever-changing cyber security environment and provide robust threat detection and analysis within the 24x7 SOC. Responsibilities: To support the SOC Manager in assisting Information Management UK meet the challenges and demands of countering the Cyber Threat. Support for the operational functions of the UK SOC. To work with other UK SOC members, including the UK InfoSec Team and the IM Domains (Customer Support and Infrastructure / Information Systems). It will cover analysis, monitoring, reporting, alerting and investigation activity utilising a wide variety of security platforms including AI/ML and behavioural analytics, SIEM (Security Information Event Management), Network Packet Capture platform, Anti Malicious Code, Threat Detection technologies and platforms across the UK Network Perimeter working with the best standard technologies. The SOC Analyst reports to the SOC Manager. The SOC Analyst conducts a range of analysis and assists the incident response team with investigations that need to be escalated to an embedded member of staff. The SOC Analyst key responsibilities are: Effective Tier 1 to 2 alert triage of security events Monitoring of Cyber Security tools Monitoring the SOC email notification mailboxes Assists with the maintenance of Security technologies Assisting the SOC Solutions Lead with project activity Assist proactive threat hunting in collaboration with the CTI function Assist IR in HR and InfoSec related investigations Ensure the timely triage and remediation of any incident or request tickets raised to the SOC Participate in the activity of adding/removing URLs from the AcceptList and BlockList Attend routine security meetings Conduct activities in line with SOC Maturity and continuous improvement Skillset/experience required (Baseline): A career background in Cyber Security. Security awareness and experience in all areas of IT, primarily Network Security, Infrastructure and the secondary area being Operating Systems & Applications. Knowledge of IT Security standard methodologies. Demonstrable understanding of the OSI Reference Model and the network communication protocols, including but not limited to DNS, HTTP/S, SSL, SMTP, FTP/S, LDAP/S. Demonstrable experience with Security Information Event Monitoring Tools and/or Network Packet Capture tools. Hands on experience with IDS/IPS technologies and threat hunting activities. Strong analytical experience and mind-set. Experience within Defensive Cyber-attack methodologies and frameworks. Understanding of Malware capabilities, attack vectors, propagation and impact. Good communication skills liaising with the business and suppliers. Desirable Skillset/experience (Senior grade): Root cause analysis and leading T2 incident investigations Process / Playbook / Runbook development Working knowledge of detection engineering, false positive improvements Capability to tune SIEM rules or create custom detections Scripted automation experience e.g. Python, SOAR, PowerShell Threat modelling and Hunting methodologies
Senior Information Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We re looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. You will design, implement, and optimize security controls, monitor threats, and lead remediation efforts across the organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement secure solutions. Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong analytical, problem-solving, and communication skills. Relevant certifications highly desirable (AZ-500, SC-200, CEH, Security+, etc.).
01/12/2025
Full time
Senior Information Security Analyst Are you passionate about building secure cloud environments and driving proactive security solutions? We re looking for a highly skilled Information Security Analyst with strong expertise in Azure cloud security, Microsoft Sentinel, and Tenable to join a growing security team. As an Information Security Analyst, you will play a key role in safeguarding cloud environments. You will design, implement, and optimize security controls, monitor threats, and lead remediation efforts across the organisation. This is a hands-on role suited to someone who enjoys solving complex security challenges and driving continuous improvement. Key Responsibilities Lead the design and implementation of Azure security best practices, policies, and controls. Manage and optimise Microsoft Sentinel SIEM, including rule creation, use-case development, automation, and threat hunting. Oversee vulnerability management activities using Tenable, ensuring timely identification, prioritisation, and remediation of risks. Support incident response activities, including investigation, containment, and root-cause analysis. Conduct security assessments, recommend improvements, and work with engineering and IT teams to implement secure solutions. Continuously assess cloud environments for misconfigurations, threats, and compliance gaps. Prepare security reports, dashboards, and metrics for leadership and stakeholders. Skills & Experience Required Strong hands-on experience with Azure Security Centre, Azure AD, Defender for Cloud, and cloud security architecture. Proven expertise in Microsoft Sentinel SIEM administration, threat detection, and automation (KQL experience desirable). Solid understanding of vulnerability management with Tenable (Tenable.io/Tenable.sc). Knowledge of industry security frameworks (ISO 27001, NIST, CIS). Strong analytical, problem-solving, and communication skills. Relevant certifications highly desirable (AZ-500, SC-200, CEH, Security+, etc.).
A Council in London are seeking an Azure CloudOps Engineer to design, deploy, and maintain highly resilient, secure, and cost-optimised cloud infrastructure and services on Microsoft Azure. This role is responsible for establishing and adhering to strict UK Government Digital Service (GDS) reliability standards and implementing rigorous FinOps governance policies. The engineer must drive operational excellence through comprehensive automation and proactive Site Reliability Engineering (SRE) practices. The role is for 6 months paying around (Apply online only)pd (outside IR35). Responsibilities: Service Reliability Engineering (SRE) Implementation: The engineer is required to define, actively monitor, and regularly report on critical Service Level Indicators (SLIs) to ensure all services meet defined Service Level Objectives (SLOs) for critical user journeys, ensuring compliance with GDS standards. This involves leading measurement workshops with product and delivery teams. Incident and Problem Management Leadership: Leading the technical response and resolution for high-priority cloud incidents (P1 and P2). The role demands integrating Azure Monitor and Azure Service Health alerts directly with the Council's ITSM platform to automatically generate tickets and drive continuous operational improvements aimed at minimising Mean Time to Resolution (MTTR). Automation and Infrastructure-as-Code (IaC) Development: Developing, testing, and maintaining reusable IaC templates (specifically Bicep or Terraform) for standardising infrastructure deployment. This includes creating robust PowerShell and Python Runbooks within Azure Automation for routine configuration management, scheduled maintenance, and automated incident remediation actions. Security Operations (SecOps) and Threat Response: Implementing proactive threat detection and automated security response capabilities. This involves active utilisation of Microsoft Defender for Cloud (for CSPM and CWPP) and Microsoft Sentinel, developing automated security workflows and playbooks using Azure Logic Apps to enforce security policy. Financial Operations (FinOps) and Cost Governance: Accountability for continuous Usage Optimisation, including reviewing resource sizing and implementing cost allocation policies. The engineer will enforce budget controls and governance via Azure Policy, working collaboratively with Finance and Procurement teams to ensure efficient and auditable use of public funds. The role of an Interim Azure Cloud Operations Engineer is a highly specialised senior position that demands expertise across traditional operations, Site Reliability Engineering, and Financial Operations.
26/11/2025
Contractor
A Council in London are seeking an Azure CloudOps Engineer to design, deploy, and maintain highly resilient, secure, and cost-optimised cloud infrastructure and services on Microsoft Azure. This role is responsible for establishing and adhering to strict UK Government Digital Service (GDS) reliability standards and implementing rigorous FinOps governance policies. The engineer must drive operational excellence through comprehensive automation and proactive Site Reliability Engineering (SRE) practices. The role is for 6 months paying around (Apply online only)pd (outside IR35). Responsibilities: Service Reliability Engineering (SRE) Implementation: The engineer is required to define, actively monitor, and regularly report on critical Service Level Indicators (SLIs) to ensure all services meet defined Service Level Objectives (SLOs) for critical user journeys, ensuring compliance with GDS standards. This involves leading measurement workshops with product and delivery teams. Incident and Problem Management Leadership: Leading the technical response and resolution for high-priority cloud incidents (P1 and P2). The role demands integrating Azure Monitor and Azure Service Health alerts directly with the Council's ITSM platform to automatically generate tickets and drive continuous operational improvements aimed at minimising Mean Time to Resolution (MTTR). Automation and Infrastructure-as-Code (IaC) Development: Developing, testing, and maintaining reusable IaC templates (specifically Bicep or Terraform) for standardising infrastructure deployment. This includes creating robust PowerShell and Python Runbooks within Azure Automation for routine configuration management, scheduled maintenance, and automated incident remediation actions. Security Operations (SecOps) and Threat Response: Implementing proactive threat detection and automated security response capabilities. This involves active utilisation of Microsoft Defender for Cloud (for CSPM and CWPP) and Microsoft Sentinel, developing automated security workflows and playbooks using Azure Logic Apps to enforce security policy. Financial Operations (FinOps) and Cost Governance: Accountability for continuous Usage Optimisation, including reviewing resource sizing and implementing cost allocation policies. The engineer will enforce budget controls and governance via Azure Policy, working collaboratively with Finance and Procurement teams to ensure efficient and auditable use of public funds. The role of an Interim Azure Cloud Operations Engineer is a highly specialised senior position that demands expertise across traditional operations, Site Reliability Engineering, and Financial Operations.
About the Role We're looking for a Junior DevSecOps Engineer to join our growing team and help deliver secure, automated solutions across cloud and on-prem environments. This is a fantastic opportunity for someone with 1-5 years of real-world experience who wants to deepen their skills in DevOps, security, and automation while working on impactful projects. You'll work alongside experienced engineers in an Agile environment, contributing to the design, build, and deployment of secure systems. If you're passionate about automation, cloud technologies, and security best practices, this role is for you. What You'll Do Support the design, development, and deployment of secure software and infrastructure. Build and maintain CI/CD pipelines and automate workflows. Work with cloud platforms (AWS, GCP, or Azure) and Infrastructure as Code tools like Terraform. Assist in monitoring, troubleshooting, and resolving issues in development and production environments. Collaborate with cross-functional teams to implement security controls and best practices. Learn and grow by working on real-world projects with senior engineers. What We're Looking For 1-5 years experience in DevOps, DevSecOps, or related engineering roles. Hands-on experience with Linux systems and scripting (Bash, Python, or PowerShell). Familiarity with CI/CD tools (GitHub Actions, Jenkins, CircleCI). Basic understanding of cloud services (AWS, GCP, or Azure). Interest in security principles , threat detection, or incident response. Strong problem-solving skills and willingness to learn. Nice to Have Exposure to containerization (Docker, Kubernetes). Knowledge of monitoring tools (Grafana, Datadog). Experience with SIEM/SOC tools or security automation. Cloud certifications or security training (AWS, GCP, Azure, or similar). To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
24/11/2025
Full time
About the Role We're looking for a Junior DevSecOps Engineer to join our growing team and help deliver secure, automated solutions across cloud and on-prem environments. This is a fantastic opportunity for someone with 1-5 years of real-world experience who wants to deepen their skills in DevOps, security, and automation while working on impactful projects. You'll work alongside experienced engineers in an Agile environment, contributing to the design, build, and deployment of secure systems. If you're passionate about automation, cloud technologies, and security best practices, this role is for you. What You'll Do Support the design, development, and deployment of secure software and infrastructure. Build and maintain CI/CD pipelines and automate workflows. Work with cloud platforms (AWS, GCP, or Azure) and Infrastructure as Code tools like Terraform. Assist in monitoring, troubleshooting, and resolving issues in development and production environments. Collaborate with cross-functional teams to implement security controls and best practices. Learn and grow by working on real-world projects with senior engineers. What We're Looking For 1-5 years experience in DevOps, DevSecOps, or related engineering roles. Hands-on experience with Linux systems and scripting (Bash, Python, or PowerShell). Familiarity with CI/CD tools (GitHub Actions, Jenkins, CircleCI). Basic understanding of cloud services (AWS, GCP, or Azure). Interest in security principles , threat detection, or incident response. Strong problem-solving skills and willingness to learn. Nice to Have Exposure to containerization (Docker, Kubernetes). Knowledge of monitoring tools (Grafana, Datadog). Experience with SIEM/SOC tools or security automation. Cloud certifications or security training (AWS, GCP, Azure, or similar). To find out more about Computer Futures please visit (url removed) Computer Futures, a trading division of SThree Partnership LLP is acting as an Employment Business in relation to this vacancy Registered office 8 Bishopsgate, London, EC2N 4BQ, United Kingdom Partnership Number OC(phone number removed) England and Wales
ROLE SUMMARY The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise. Our mission is to secure all of Pfizer's information assets ranging from the manufacturing floor to the core data centers and out to the patient facing solutions. We achieve this mission through a team of world-class talent, utilizing top-tier technologies, advanced analytics, and the promotion of a cybersecurity ownership culture across the company. The Cyber Threat Intelligence team works with internal and external partners to reduce risk to Pfizer. The team provides timely situational awareness, conducts in depth analysis of threats, and translates indicators of threat into actionable information to reduce impact to Pfizer. Stakeholders include cybersecurity response teams, internal lines of business, senior leadership, external organizations such as law enforcement, and industry peers and intelligence sharing partners. The Senior Cyber Intelligence Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats, including threat actor tactics, techniques, and procedures (TTPs), to develop a comprehensive picture of the cyber threat landscape, improve Pfizer's security posture, and reduce risk. This individual will provide domain expertise to aid in the effective prioritization and analysis of threats in line with the needs of our stakeholders. The individual will have experience successfully executing all phases of the intelligence lifecycle in support of driving an intelligence led security organization. An ideal candidate for this role will have technical, communication, and interpersonal skills with previous experience mentoring peer CTI analysts and leading CTI initiatives. The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Director, Global Threat Research within the Pfizer Digital Global Information Security organization. ROLE RESPONSIBILITIES Perform intelligence analysis of cyber threat activity through execution of the threat intelligence lifecycle. Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Develop strategic, tactical, and operational intelligence products for stakeholder dissemination in support of priority intelligence requirements. Curate threat intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Present cyber threat intelligence to stakeholders that helps drive both tactical and strategic priorities. Participate in and lead team projects centered around the cyber threat intelligence mission. Mentor peer CTI analysts through on the job training opportunities. Interface with external sharing communities through the sharing of timely and relevant cyber threats. QUALIFICATIONS BS in Information Security, Computer Sciences, Information Systems, Engineering, or equivalent with demonstrable professional experience in a corporate environment. Experience in understanding the techniques of Computer Network Exploitation and Defense (CNE / CND). Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Experience in information analysis and execution of the intelligence lifecycle. Experience developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies. Experience performing technical indicator and TTP analysis using both open and closed source intelligence sources Ability to provide concise and accurate communications (both verbal and written) in disseminated intelligence products. Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts. Experience mentoring peer analysts in all stages of the intelligence lifecycle. Work Location Assignment: Flexible
19/08/2023
Full time
ROLE SUMMARY The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise. Our mission is to secure all of Pfizer's information assets ranging from the manufacturing floor to the core data centers and out to the patient facing solutions. We achieve this mission through a team of world-class talent, utilizing top-tier technologies, advanced analytics, and the promotion of a cybersecurity ownership culture across the company. The Cyber Threat Intelligence team works with internal and external partners to reduce risk to Pfizer. The team provides timely situational awareness, conducts in depth analysis of threats, and translates indicators of threat into actionable information to reduce impact to Pfizer. Stakeholders include cybersecurity response teams, internal lines of business, senior leadership, external organizations such as law enforcement, and industry peers and intelligence sharing partners. The Senior Cyber Intelligence Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats, including threat actor tactics, techniques, and procedures (TTPs), to develop a comprehensive picture of the cyber threat landscape, improve Pfizer's security posture, and reduce risk. This individual will provide domain expertise to aid in the effective prioritization and analysis of threats in line with the needs of our stakeholders. The individual will have experience successfully executing all phases of the intelligence lifecycle in support of driving an intelligence led security organization. An ideal candidate for this role will have technical, communication, and interpersonal skills with previous experience mentoring peer CTI analysts and leading CTI initiatives. The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Director, Global Threat Research within the Pfizer Digital Global Information Security organization. ROLE RESPONSIBILITIES Perform intelligence analysis of cyber threat activity through execution of the threat intelligence lifecycle. Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Develop strategic, tactical, and operational intelligence products for stakeholder dissemination in support of priority intelligence requirements. Curate threat intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Present cyber threat intelligence to stakeholders that helps drive both tactical and strategic priorities. Participate in and lead team projects centered around the cyber threat intelligence mission. Mentor peer CTI analysts through on the job training opportunities. Interface with external sharing communities through the sharing of timely and relevant cyber threats. QUALIFICATIONS BS in Information Security, Computer Sciences, Information Systems, Engineering, or equivalent with demonstrable professional experience in a corporate environment. Experience in understanding the techniques of Computer Network Exploitation and Defense (CNE / CND). Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK. Experience in information analysis and execution of the intelligence lifecycle. Experience developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques, and procedures. Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies. Experience performing technical indicator and TTP analysis using both open and closed source intelligence sources Ability to provide concise and accurate communications (both verbal and written) in disseminated intelligence products. Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts. Experience mentoring peer analysts in all stages of the intelligence lifecycle. Work Location Assignment: Flexible
We are actively recruiting for a Security Consultant to work in our SOC Consulting services, within our Detection & Response (D&R) Practice. Working to support our customers assess their SOC capabilities, align on the right direction for meeting their business needs and completing the transformation journey. Remote UK locations are available with occasional travel to either Adarma offices and customer locations. What you'll do For our customers, you'll be both a true partner and a trusted source of expert insight and advice. Leading on either one critical security area or broader strategic challenges, you'll understand and analyse their needs, before recommending the right way forward. you'll also scope complex projects and support the development and implementation of new solutions. And you'll drive our own progress too mentoring a team and helping our pre-sales team develop new opportunities for us to make an impact. How you'll grow We have a strong culture of learning and development, so you'll have plenty of opportunity to grow in your specialist area and beyond. In time, you could progress to Senior Consultant, or focus more on your technical skills in a senior engineer or architect role. What you'll bring You have a solid knowledge of security operations processes and tools plus best practice in fields such as SIEM solution design, use case development, SOC maturity, XDR/EDR, Log Management and detection testing. Crucially, you re an outstanding communicator and relationship builder too, able to bring the best out of others. Previous experience in the design and reviewing of security detection solutions Experienced in the implementation and management of SIEM, EDR and NDR technologies (eg Splunk, Microsoft Sentinel/Defender, CrowdStrike Falcon/Humio, Google Chronicle, SentinelOne, ArcSight, QRadar, Logrythm, Vectra, ExtraHop, etc) Previous experience in designing and implementing detection and response use cases with data source analysis and onboarding Experience of complex and/or large-scale security detection solutions Previous project experience from a Consultancy perspective; commercial acumen IT Security/Cyber Security project experience A security operations expert with broad experience and CISSP/CISM certification or equivalent, you know how to plan and deliver complex cybersecurity projects. Benefits Excellent compensation and benefits package, including Company Pension, Private Health Care and Cash-Back Plan, Car Leasing Scheme and more Ongoing training and development opportunities, resulting in industry recognised accreditations and qualifications Flexible working hours, occasional home office (where possible) We encourage autonomy and entrepreneurship enabling our consultants and employees to influence the strategy and direction of the business Adarma We began life in 2009, with a fierce determination to make cyber resilience a reality for every organisation, every day. This has guided us as we've adapted and grown to become one of the UK's leading threat specialists. Our journey is remarkable. But what's ahead is even more inspiring. Together, we're growing and transforming like never before. We're partnering with even more customers and creating more innovative and resilient solutions. And we're taking our thinking and our whole sector further, every single day.
20/09/2022
Full time
We are actively recruiting for a Security Consultant to work in our SOC Consulting services, within our Detection & Response (D&R) Practice. Working to support our customers assess their SOC capabilities, align on the right direction for meeting their business needs and completing the transformation journey. Remote UK locations are available with occasional travel to either Adarma offices and customer locations. What you'll do For our customers, you'll be both a true partner and a trusted source of expert insight and advice. Leading on either one critical security area or broader strategic challenges, you'll understand and analyse their needs, before recommending the right way forward. you'll also scope complex projects and support the development and implementation of new solutions. And you'll drive our own progress too mentoring a team and helping our pre-sales team develop new opportunities for us to make an impact. How you'll grow We have a strong culture of learning and development, so you'll have plenty of opportunity to grow in your specialist area and beyond. In time, you could progress to Senior Consultant, or focus more on your technical skills in a senior engineer or architect role. What you'll bring You have a solid knowledge of security operations processes and tools plus best practice in fields such as SIEM solution design, use case development, SOC maturity, XDR/EDR, Log Management and detection testing. Crucially, you re an outstanding communicator and relationship builder too, able to bring the best out of others. Previous experience in the design and reviewing of security detection solutions Experienced in the implementation and management of SIEM, EDR and NDR technologies (eg Splunk, Microsoft Sentinel/Defender, CrowdStrike Falcon/Humio, Google Chronicle, SentinelOne, ArcSight, QRadar, Logrythm, Vectra, ExtraHop, etc) Previous experience in designing and implementing detection and response use cases with data source analysis and onboarding Experience of complex and/or large-scale security detection solutions Previous project experience from a Consultancy perspective; commercial acumen IT Security/Cyber Security project experience A security operations expert with broad experience and CISSP/CISM certification or equivalent, you know how to plan and deliver complex cybersecurity projects. Benefits Excellent compensation and benefits package, including Company Pension, Private Health Care and Cash-Back Plan, Car Leasing Scheme and more Ongoing training and development opportunities, resulting in industry recognised accreditations and qualifications Flexible working hours, occasional home office (where possible) We encourage autonomy and entrepreneurship enabling our consultants and employees to influence the strategy and direction of the business Adarma We began life in 2009, with a fierce determination to make cyber resilience a reality for every organisation, every day. This has guided us as we've adapted and grown to become one of the UK's leading threat specialists. Our journey is remarkable. But what's ahead is even more inspiring. Together, we're growing and transforming like never before. We're partnering with even more customers and creating more innovative and resilient solutions. And we're taking our thinking and our whole sector further, every single day.
The job on offer Capgemini provides security services to a UK headquartered global company, as part of these services we operate a 24 7 365 Security Operations Centre (SOC) solely dedicated to this customer. The role is a security analyst as a member of the SOC team based at the client site and you will be focused on the analysis and triage of alerts using a range of security tools. Shift Pattern - 12hour day shifts, 4 day shifts, 4 days off, 4 night shifts, 4 days off. Your role Your primary responsibility is ensuring the security and integrity of our client's IT infrastructures and protecting their information systems across their global IT estate. This will be achieved by taking ownership of and providing end to end resolution of incidents, including detection, triage, malware analysis and remediation as required. For some larger or more complex incidents, you will provide initial investigation and triage, but also provide support to incident response teams and senior management over the longer term. In addition, you will also work with colleagues outside the SOC to provide feedback to assist with the maintenance and tuning of the security tooling and to provide support for reporting to the customer. You will gain experience in the range of security issues and attacks faced by global organisations as well as the use of leading security tools across a large estate. Training is provided both via internal training and external training and certification. Your profile Experience in: Security threats and compromise methods Microsoft server and client technologies Common network technologies Defensive security tools. Desirable: Practical knowledge of defensive security tools such as: Intrusion Detection/Protection systems. End point security solutions. Vulnerability scanning tools. Why Capgemini is unique We realise a Total Reward package should be move than just compensation. At Capgemini we offer range of core and flexible benefits and have a Peer Recognition Portal called Applaud. At Capgemini we don't just believe in Diversity & Inclusion, we actively go out to making it a working reality. Driven by our core values and Active Inclusion Campaign, we build environments where you can bring you whole self to work. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. Get the future you want Growing clients' businesses while building a more sustainable, more inclusive future is a tough ask. But when you join Capgemini, you join a thriving company and become part of a diverse collective of free-thinkers, entrepreneurs and industry experts. A powerful source of energy that drives us all to find new ways technology can help us reimagine what's possible. It's why, together, we seek out opportunities that will transform the world's leading businesses. And it's how you'll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge and always pushing yourself to do better, you'll build the skills you want. And you'll use them to help our clients leverage technology to grow their business and give innovation that human touch the world needs. So, it might not always be easy, but making the world a better place rarely is. Capgemini. Get The Future You Want. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion.
19/09/2022
Full time
The job on offer Capgemini provides security services to a UK headquartered global company, as part of these services we operate a 24 7 365 Security Operations Centre (SOC) solely dedicated to this customer. The role is a security analyst as a member of the SOC team based at the client site and you will be focused on the analysis and triage of alerts using a range of security tools. Shift Pattern - 12hour day shifts, 4 day shifts, 4 days off, 4 night shifts, 4 days off. Your role Your primary responsibility is ensuring the security and integrity of our client's IT infrastructures and protecting their information systems across their global IT estate. This will be achieved by taking ownership of and providing end to end resolution of incidents, including detection, triage, malware analysis and remediation as required. For some larger or more complex incidents, you will provide initial investigation and triage, but also provide support to incident response teams and senior management over the longer term. In addition, you will also work with colleagues outside the SOC to provide feedback to assist with the maintenance and tuning of the security tooling and to provide support for reporting to the customer. You will gain experience in the range of security issues and attacks faced by global organisations as well as the use of leading security tools across a large estate. Training is provided both via internal training and external training and certification. Your profile Experience in: Security threats and compromise methods Microsoft server and client technologies Common network technologies Defensive security tools. Desirable: Practical knowledge of defensive security tools such as: Intrusion Detection/Protection systems. End point security solutions. Vulnerability scanning tools. Why Capgemini is unique We realise a Total Reward package should be move than just compensation. At Capgemini we offer range of core and flexible benefits and have a Peer Recognition Portal called Applaud. At Capgemini we don't just believe in Diversity & Inclusion, we actively go out to making it a working reality. Driven by our core values and Active Inclusion Campaign, we build environments where you can bring you whole self to work. We work with a range of clients all with a unique set of business, technological and societal ambitions. Working for Capgemini you get to be at the forefront of designing future experiences, which truly impact our clients and wider society for the better. Get the future you want Growing clients' businesses while building a more sustainable, more inclusive future is a tough ask. But when you join Capgemini, you join a thriving company and become part of a diverse collective of free-thinkers, entrepreneurs and industry experts. A powerful source of energy that drives us all to find new ways technology can help us reimagine what's possible. It's why, together, we seek out opportunities that will transform the world's leading businesses. And it's how you'll gain the experiences and connections you need to shape your future. By learning from each other every day, sharing knowledge and always pushing yourself to do better, you'll build the skills you want. And you'll use them to help our clients leverage technology to grow their business and give innovation that human touch the world needs. So, it might not always be easy, but making the world a better place rarely is. Capgemini. Get The Future You Want. About Capgemini Capgemini is a global leader in partnering with companies to transform and manage their business by harnessing the power of technology. The Group is guided everyday by its purpose of unleashing human energy through technology for an inclusive and sustainable future. It is a responsible and diverse organization of over 340,000 team members in more than 50 countries. With its strong 55-year heritage and deep industry expertise, Capgemini is trusted by its clients to address the entire breadth of their business needs, from strategy and design to operations, fueled by the fast evolving and innovative world of cloud, data, AI, connectivity, software, digital engineering and platforms. The Group reported in 2021 global revenues of €18 billion.
