Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y £80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. 
You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable) Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: Experience 
working on multiple projects with broad scope, ambiguity, and a high degree of difficulty Demonstrable proficiency across a wide range of IT and cybersecurity technologies Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management High-level analytical ability to solve unusual and complex problems Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal. Eligibility to work in the UK. Desirable: Experience in technology projects such as cyber infrastructure implementation or replacement initiatives Understanding of global program structures, launch plans, timing, and ownership Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
28/04/2026
Full time
About the opportunity Gain a government funded certified qualification, and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Course Details Start Date: 27/04 Duration: 14 weeks Format: Online, practical workshops Schedule: 6-9PM What you'll learn Cyber Principles: Understand core frameworks and security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills: Build the behaviours required for the modern cyber security workplace. Career Pathway Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer. Starting Salaries: Typically £22,000 - £35,000 (role dependent). Eligibility This is a government-funded opportunity. To apply, you must: Live in Greater Manchester. Be aged 19 or over. Earn below the gross annual wage cap of £32,400. Not currently be undertaking other government-funded training. Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible). 
Cost This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
28/04/2026
Full time
About the opportunity Gain a government funded certified qualification, and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers in Greater Manchester are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as Cyber Security Analyst, Junior Penetration Tester, SOC Analyst, and IT Support, working with companies across tech, logistics, public services, and digital sectors. Course Details Start Date: 27/04 Duration: 14 weeks Format: Online, practical workshops Schedule: 6-9PM What you'll learn Cyber Principles: Understand core frameworks and security principles. Threat Intelligence: Develop expertise to identify risks and analyze threats. Vulnerability Testing: Conduct cyber security testing, identify vulnerabilities, and implement controls. Incident Response: Prepare for and respond to live cyber security incidents. Ethics & Law: Understand legislation and ethical conduct within the cyber security sector. Professional Skills: Build the behaviours required for the modern cyber security workplace. Career Pathway Potential Roles: Trainee Cyber Security Analyst, SOC Analyst, Junior Information Security Officer. Starting Salaries: Typically £22,000 - £35,000 (role dependent). Eligibility This is a government-funded opportunity. To apply, you must: Live in the West Midlands Be aged 19 or over. Earn below the gross annual wage cap of £34,194. Not currently be undertaking other government-funded training. Right to Work: You must have lived in the UK/EU for the last 3 years and have the right to work in the UK (Student/Graduate visas are not eligible). 
Cost This is a fully-funded course with no fees - complete the training, gain essential cyber security skills.
23/04/2026
Full time
Senior Cyber Security Splunk SME Full Time Permanent Fully onsite - Moorgate, London EC2Y £80-92K basic + benefits (5% pension, 25 days hols, life insurance, medical cover) Are you an experienced Splunk SME looking for a new challenge? Do you have a strong background in Splunk, IAM and SOAR with a high-level understanding of wider Splunk ecosystem, along with Incident Management, Python and Powershell skills? Here at ARM, we are recruiting for a full time permanent Splunk SME for a global IT services and consultancy client of ours. Our client: They're a leading business with a global reach that empowers local teams, and they undertake hugely exciting work that is genuinely changing the world. Their advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects. They're a rapidly growing, people-first technology organisation and part of a $1B global service provider delivering end-to-end IT Outsourcing (ITO) and Cyber Defence services to clients across the UK and beyond. Within their Security Practice, they provide a range of services including Managed Detection and Response (MDR), Vulnerability Management, Penetration Testing, Incident Response, and consultancy led Security Advisory services. You'll be joining a team that values learning, celebrates innovation, and supports your career journey every step of the way. The Opportunity: We are looking for a skilled Splunk Specialist to deliver end-to-end Splunk engagements, helping clients build and enhance their security monitoring capabilities. You will lead the full project lifecycle, from requirements gathering and stakeholder engagement through to data onboarding, alert development, and dashboard creation, ensuring solutions are aligned to both business and security objectives. 
You will bring strong hands-on experience with Splunk Enterprise Security and a proven track record in delivering cybersecurity projects. This includes designing and implementing detection use cases, tuning alerts, and developing dashboards that provide clear, actionable insights for security operations teams. Experience with SOAR and UEBA technologies is advantageous but not essential. This role suits someone who enjoys working in a client-facing environment, solving complex challenges, and contributing to the ongoing evolution of modern Security Operations Centres. What You'll Be Doing: Design, build, and continuously enhance detection capabilities within Splunk across Linux and Windows environments, including log onboarding, normalisation, and enrichment Develop and maintain high-quality detection content such as correlation searches and risk-based alerting within Splunk Enterprise Security Write and optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute to automation and orchestration initiatives (including exposure to SOAR where applicable) Leverage scripting languages such as Python and PowerShell to automate detection logic, enrich data, and integrate with security workflows Provide mentorship and technical guidance to junior engineers, particularly on Splunk backend activities such as data ingestion, parsing, indexing, and troubleshooting Collaborate closely with SOC analysts, incident responders, and global engineering teams to improve detection and response capabilities Apply strong analytical and problem-solving skills to translate threat intelligence into actionable detection use cases and continuously improve security operations What We're Looking For: Essential: Experience 
working on multiple projects with broad scope, ambiguity, and a high degree of difficulty Demonstrable proficiency across a wide range of IT and cybersecurity technologies Strong knowledge of key cybersecurity domains, including Identity and Access Management and Incident Management High-level analytical ability to solve unusual and complex problems Ability to maintain up-to-date working knowledge of cybersecurity principles and best practices Experience in senior stakeholder management and providing clear, relevant management reporting, professional communication - written and verbal. Eligibility to work in the UK. Desirable: Experience in technology projects such as cyber infrastructure implementation or replacement initiatives Understanding of global program structures, launch plans, timing, and ownership Ability to coach and mentor team members through knowledge transfer and constructive feedback Disclaimer: This vacancy is being advertised by either Advanced Resource Managers Limited, Advanced Resource Managers IT Limited or Advanced Resource Managers Engineering Limited ("ARM"). ARM is a specialist talent acquisition and management consultancy. We provide technical contingency recruitment and a portfolio of more complex resource solutions. Our specialist recruitment divisions cover the entire technical arena, including some of the most economically and strategically important industries in the UK and the world today. We will never send your CV without your permission.
21/04/2026
Full time
Security Analyst SOC, Tier 2 SOC Analyst to join an award-winning managed service provider 24x7 security team.

As a Tier 2 Analyst, you will lead the investigation, containment, and coordination of security incidents, working closely with Tier 1 analysts, internal IT teams, and external stakeholders. You will take ownership of complex alerts, support threat hunting and intelligence efforts, and contribute to the refinement of detection rules, playbooks, and response procedures.

You will be involved in:
• Incident Detection & Response
• Threat Intelligence and Analysis
• Security Monitoring and Detection Engineering
• Compliance, Reporting and Documentation
• Vulnerability Management
• Collaboration and knowledge sharing

This would suit an experienced security analyst who has proven experience working in security operations in a busy security department, with strong alert triage, incident response, security monitoring, and threat analysis skills, and experience handling real-world security incidents and working with SIEM, EDR, or vulnerability management tools.

Ideally you will have a strong bachelor's degree in Computer Science, Information Security, Cyber Security or a related field, with any SIEM-specific certification or vendor-specific training. Relevant cybersecurity certifications such as Certified Cloud Security Professional (CCSP), Security+ (CompTIA), CEH (Certified Ethical Hacker), CISSP, BTL1, BTL2 or others are highly desirable but not essential.

Office based in Stoke on Trent, working shifts on a rota basis of 4 days on: earlies, lates and nights.

This is an excellent opportunity for an experienced security analyst ready to take the next step with a chance to mentor junior analysts, deepen your technical expertise, and help shape our evolving security posture in a collaborative, hands-on environment.
17/04/2026
Full time
Cyber Security Operations Analyst (Tier 2) Role: Cyber Security Operations Analyst (Tier 2) Specialism(s): Security Operations, Security Alerts, Security Incident Management, SIEM, Defender, Cofense, Azure, Email Security, Conditional Access Policies, User Authentication, EDR, Playbooks Security Assessment, Vulnerability Analysis, Risk Analysis, SOAR Type: Contract, Daily Rate Pay Rate: 350 - 380 per day (Inside IR35) Location: Remote (UK Only) Start: ASAP/Urgent Duration: 6+ Months Cyber Security Operations Analyst (Tier 2) CPS Group UK are delighted to be working with a leading organisation to appoint a Cyber Security Operations Analyst (Tier 2) to join a newly refurbished CSOC environment and existing team to monitor infrastructure for threats, investigate and respond to security alerts and act as the escalation point for junior analyst queries. The Cyber Security Operations Analyst will respond to verified security incidents and undertake prompt remediation activities to eradicate threats. The Analyst will require existing skills in Microsoft Defender, Azure and Cofense. The Cyber Security Operations Analyst is able to work remotely (UK only) and will be required to work 12 hour shifts on a 4 days on / 4 days off shift pattern (including 1 in 4 night shifts). Due to the nature of the engagement, only candidates who have been a UK resident for a minimum of 5 years can be considered. Role Requirements Play an active role in the CSOC Operations team by: o Monitor active SIEM solutions and platforms o Investigate and triage security alerts and incidents o Be the escalation point for junior analysts, offering knowledge and mentorship where required o Ensure infrastructure and data security through the use of layered security controls (e.g. 
EDR, Email Security, User Authentication, Conditional Access) o Oversee security assessments across PAM, endpoint, email and cloud security o Provide direct updates to stakeholders regarding security incidents and initiatives o Undertake on-going analysis of emerging threats using TTPs and existing knowledge o Support the production of alert/incident 'playbooks' Required Skills & Experience 3-4+ years' experience in a Security Operations/SOC-based role Hands-on experience with Defender, Azure and Cofense Strong technical understanding of security alert/incident management and threats Knowledge of security threat techniques (e.g. Account compromise, malicious payloads) Proven experience of robust incident response within defined SLAs Proven experience using SIEM, EDR & Email Security tooling Ability to mentor and upskill junior team members Ability to create (or enhance) cyber security playbooks Knowledge of HMG security standards and processes Familiarity with ITIL Various Cyber Security certifications (e.g. Microsoft AZ-500, SANS GSOC) For more information or immediate consideration for this opportunity, please contact Charlie Grant at CPS Group UK on (phone number removed) or email (url removed) By applying to this advert you are giving CPS Group (UK) Ltd authority to hold and process your data for this specific role and any other roles we may deem suitable to you over time. We will not pass your data to any third party without your verbal or written permission to do so. All incoming and outgoing calls are recorded for training and compliance purposes. CPS Group (UK) Ltd is acting as an Employment Agency in relation to this vacancy. Our new privacy policy can be found here (url removed)
14/04/2026
Contractor
About the opportunity Apply, complete the training course, get a certification and career support - no brainer! Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 3) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Course Details Start Date: 27.04 Duration: 14 weeks Format: Online, practical workshops Schedule: Mon-Thur 6-9pm What you'll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Eligibility To apply, you must: Live in the West Midlands Be aged 19 or over Earn below the gross annual wage cap of £34,194 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees: complete the training, gain essential cyber security skills and career support.
14/04/2026
Full time
Job Title - Cyber security incident manager SC cleared or eligible for clearance. 3 month rolling (likely 1 year) Fully remote Key Responsibilities Incident Response & Management Lead and coordinate major cyber security incidents (e.g., ransomware, data breaches, phishing campaigns, insider threats). Serve as primary incident commander during high-severity events. Oversee triage, impact assessment, containment strategies, and remediation plans. Ensure timely escalation and communication to leadership and relevant stakeholders. Maintain accurate incident logs, timelines, and evidence for audits or legal processes. Threat Analysis & Investigation Direct technical investigations, working with SOC analysts, threat intelligence teams, and external partners. Analyse attack vectors, exploits, and root causes. Guide forensic activity where required, ensuring evidence integrity. Governance, Reporting & Continuous Improvement Produce detailed incident reports, executive summaries, and post-incident reviews. Track incident metrics, trends, and lessons learned to improve security posture. Drive improvements in incident response playbooks, processes, and tooling. Ensure incidents are handled in alignment with frameworks such as NIST. Stakeholder & Vendor Coordination Act as the key liaison during incidents with IT, Risk, Legal, Compliance, HR, Communications, and third-party partners. Support customer-facing communication where relevant (for MSSP or managed services environments). Manage relationships with external responders, MSSPs, and law enforcement as applicable. Operational Readiness Support the development and delivery of cyber incident simulations, tabletop exercises, and readiness assessments. Ensure IR documentation is current, accessible, and aligned with business needs. Provide mentoring and support to junior analysts and incident responders. 
Essential Skills & Experience Proven experience leading complex cyber security incidents in a mid-to-large enterprise or MSSP environment. Strong understanding of attack methodologies, malware behaviour, and adversary TTPs. Experience with SIEM, EDR, SOAR, threat intel platforms, and forensic tools. Deep knowledge of IR frameworks: Ability to make clear decisions under pressure and command multi-disciplinary response teams. Excellent communication skills, with the ability to convey technical detail to senior leadership.
07/04/2026
Contractor
About the opportunity Are you ready to launch a career in cyber security? Netcom Training's fully-funded Cyber Security course (NCFE Certificate in Cyber Security Practices, Level 2) equips you with the practical skills employers are actively seeking. From threat intelligence and security testing to incident response and ethical compliance, you'll gain hands-on experience that prepares you for today's fast-growing cyber security and IT roles. Our learners have gone on to roles such as IT support, second line support, junior development, cyber security analysis and business analyst positions, working with companies across tech, logistics, public services and digital sectors. Course Details Start Date: 13/04 Duration: 5 weeks Format: Online, practical workshops Schedule: Mon-Fri 9:45AM - 2:45PM What you'll learn Principles: Understand cyber security principles and core frameworks Threat Intelligence: Develop expertise to identify risks Testing: Conduct cyber security testing, identify vulnerabilities and implement controls Incident Response: Prepare for and respond to cyber security incidents Ethics: Understand legislation and ethical conduct within cyber security Professional Skills: Build professional skills and behaviours for the sector Protection: Gain practical knowledge to protect and secure digital environments Potential Roles Cyber Security Analyst IT Support Technician Junior Penetration Tester SOC Analyst Eligibility To apply, you must: Live in the Sheffield area Be aged 19 or over Earn below the gross annual wage cap of £23,400 Not currently be undertaking other government-funded training Not be in the UK on a student, graduate, postgraduate, or sponsored visa, or as a dependent Cost This is a fully-funded course with no fees. Complete the training and gain essential cyber security skills.
02/04/2026
Full time
We are currently recruiting for Senior Cyber Security Analysts and Associate Security Analysts - both working a 3-month contract for our client 3 days per week on-site in London. As a senior security analyst with responsibility for incident response, you will: lead the investigation of security alerts to understand the nature and extent of possible cyber incidents lead the forensic analysis of systems, files, network traffic and cloud environments lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions support the wider coordination of cyber incidents review previous incidents to identify lessons and actions identify and deliver opportunities for continual improvement of the incident response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities develop and update internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, security analysts be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
We're interested in people who have: significant experience investigating and responding to cyber incidents significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents experience managing and coordinating the response to cyber incidents experience coaching and mentoring junior staff an in-depth understanding of the tools, techniques and procedures used by threat actors excellent analytical and problem solving skills excellent verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS As an associate security analyst you will: triage and investigate cyber security alerts and reports from users use a variety of techniques to analyse systems, files, network traffic and cloud environments and understand the nature and extent of possible cyber incidents support the technical response to cyber incidents by identifying and implementing (or supporting the implementation of) containment, eradication and recovery actions support the coordination of cyber incidents contribute to post-incident reviews to identify lessons and actions identify opportunities for, and support the delivery of, continual improvements to the incident investigation and response capability work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities contribute to internal plans, playbooks and knowledge base articles act as an escalation point for, and provide coaching and mentoring to, apprentice security analysts be responsible for line management of apprentice security analysts Cyber incidents can and do arise on a 24/7 basis. 
The team operates an out-of-hours on call rota, which you will be expected to join. We're interested in people who have: experience investigating and responding to cyber incidents experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience with SIEM tools (experience of Splunk preferred but experience of Microsoft Sentinel or an equivalent SIEM tool is acceptable) an understanding of the tools, techniques and procedures commonly used by threat actors good analytical and problem-solving skills good verbal and written communication skills It's desirable, but not essential, that you have: experience with Splunk experience working in an Agile environment experience with cloud environments such as AWS If you feel you have the skills and experience needed for this role, please do apply now.
06/10/2025
Contractor
Senior Cyber Security Analyst - Central Gov (Contract) Incident Response | Threat Detection | Forensics | SIEM The Cyber Defence team is hiring a Senior Cyber Security Analyst to lead on incident response and protect critical citizen-facing services. You'll: Investigate and respond to cyber incidents at scale Lead forensic analysis (systems, files, network, cloud) Coordinate containment, eradication & recovery actions Mentor Junior Analysts and shape IR playbooks Must have strong Splunk skills. Requirements: Strong incident response & cyber investigation experience Skilled with EDR/SIEM tools - Splunk Deep knowledge of attacker TTPs Excellent problem solving & communication London | Competitive Day Rate | SC Clearance required | On-call rota
03/10/2025
Contractor
*Senior Cyber Security Analyst - £600-800pd (experience dependent) INSIDE IR35 - 3 month initial contract - London (3 days per week onsite)* Please note: Due to the nature of the role, we are ideally looking for candidates to hold an active SC clearance. We are looking for a SC Cleared Senior Cyber Security Analyst with SPLUNK experience to join our central government client on an initial 3-month contract. You must have experience investigating and responding to cyber incidents, co-ordinating incident response in a large organisation. We have both a Senior and mid-level role available. Main responsibilities: As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environment Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
Essential skills and experience: SPLUNK EDR (Endpoint Detection and Response) Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Damia Group Limited acts as an employment agency for permanent recruitment and employment business for the supply of temporary workers. By applying for this job you accept our Data Protection Policy which can be found on our website. Please note that no terminology in this advert is intended to discriminate on the grounds of a person's gender, marital status, race, religion, colour, age, disability or sexual orientation. Every candidate will be assessed only in accordance with their merits, qualifications and ability to perform the duties of the job. Damia Group is acting as an Employment Business in relation to this vacancy and in accordance to Conduct Regulations 2003.
03/10/2025
Contractor
Senior Cyber Security Analyst - Government, Splunk, EDR, Defence, AWS, Hybrid, London, SC Clearance, £800 pd We are seeking an experienced SC cleared Senior Cyber Security Analyst to lead incident response efforts within a dynamic cyber defence team. The ideal candidate will have a strong background in investigating, managing, and responding to cyber threats, with a focus on incident containment and forensic analysis. Key Responsibilities: Lead investigations into security alerts to determine the nature and scope of potential cyber incidents Conduct forensic analysis across systems, network traffic, files, and cloud environments Manage technical responses, including containment, eradication, and recovery actions Support the coordination and management of cyber incident responses Review incidents post-event to identify lessons learned and areas for improvement Develop and maintain incident response plans, playbooks, and knowledge resources Lead and line-manage security team members Experience & Skills Needed: Extensive experience investigating and responding to cyber incidents Proficiency with security tools such as EDR and SIEM platforms Proven track record of managing and coordinating incident response activities Experience in mentoring and coaching junior staff Strong understanding of threat actor techniques, tools, and tactics Excellent analytical, problem-solving, and communication skills Experience with Splunk or similar log management tools Familiarity with Agile working practices Knowledge of cloud platforms such as AWS If you possess the relevant experience and are ready to lead critical cyber defence initiatives, we encourage you to apply. Minorities, women, LGBTQ+ candidates, and individuals with disabilities are encouraged to apply. Interviews will take place next week, so please apply immediately to be considered for this contract role.
03/10/2025
Contractor
Job Title: Senior Cyber Security Analyst - SC Location: Hybrid/London - 3 days a week on site Contract Duration: 3 months initially Daily Rate: £800/day (Umbrella - Maximum) IR35 Status: Inside IR35 Minimum requirement: Experience of investigating and responding to cyber incidents, coordinating incident response in large org 5+ years' experience with SPLUNK EDR (Endpoint Detection and Response) Analytical, problem solving Security Clearance: SC Senior Cyber Security Analyst The Cyber Defence team delivers cyber threat intelligence, threat detection, incident response and vulnerability management capabilities for the organisation, and is responsible for defending both internal IT infrastructure and citizen-facing services. As a senior security analyst, you'll take a leading role in building and delivering these core capabilities, focusing on incident response. As a senior security analyst with responsibility for incident response, you will: Lead the investigation of security alerts to understand the nature and extent of possible cyber incidents Lead the forensic analysis of systems, files, network traffic and cloud environments Lead the technical response to cyber incidents by identifying and implementing (or coordinating the implementation of) containment, eradication and recovery actions Support the wider coordination of cyber incidents Review previous incidents to identify lessons and actions Identify and deliver opportunities for continual improvement of the incident response capability Work closely alongside other Cyber Defence functions, supporting the continual improvement of wider capabilities Develop and update internal plans, playbooks and knowledge base articles Act as an escalation point for, and provide coaching and mentoring to, security analysts Be responsible for leadership and line management of security analysts Cyber incidents can and do arise on a 24/7 basis. The team operates an out-of-hours on call rota, which you will be expected to join. 
We're interested in people who have: Significant experience investigating and responding to cyber incidents Significant experience using security tools (eg, EDR, SIEM) to support the investigation and response to cyber incidents Experience managing and coordinating the response to cyber incidents Experience coaching and mentoring junior staff An in-depth understanding of the tools, techniques and procedures used by threat actors Excellent analytical and problem solving skills Excellent verbal and written communication skills Experience with Splunk Experience working in an Agile environment Experience with cloud environments such as AWS Disability Confident As a member of the disability confident scheme, CLIENT guarantees to interview all candidates who have a disability and who meet all the essential criteria for the vacancy. In cases where we have a high volume of candidates who have a disability who meet all the essential criteria, we will interview the best candidates from within that group. Armed Forces Covenant CLIENT is proud to support the Armed Forces Covenant and as such, we guarantee to interview all veterans or spouses/partners of military personnel who meet all the essential criteria for the vacancy. In cases where we have a high volume of ex-military candidates/military spouses or partners, who meet all of the essential criteria, we will interview the best candidates from within that group. If you qualify for the above, please notify us. We will be in touch to discuss your suitability and arrange your Guaranteed Interview. Should you require reasonable adjustments at any point during the recruitment process or if there is a more accessible way for us to communicate, please do let me know. To apply for this role please submit your latest CV or contact Aspect Resources
03/10/2025
Contractor
Job Title: Cyber Security Incident Response Specialist Location: London, Wokingham, or Warwick (2 days per week onsite - hybrid working) Contract Duration: 6 months+ initially, with high potential for extension (long-term programme) Clearance: SC required or eligible THIS PROJECT IS INSIDE IR35 Project Overview: We are looking for an experienced Cyber Security Incident Response Specialist to join a high-impact security programme supporting the resilience of UK critical national infrastructure (CNI). You'll join a team responsible for responding to cyber threats across both cyber and physical domains - helping to manage the full incident life cycle, improve response maturity, and develop scalable IR documentation and exercises. This is a specialist role for someone with real-world IR experience and the ability to assess, escalate, and coordinate technical and business responses. Key Responsibilities: Lead or support incident response (IR) activities across the full life cycle: detection, triage, containment, eradication, recovery, and lessons learned Develop and maintain IR playbooks, plans, and post-incident reports Support post-incident reviews, including root cause analysis (RCA) and lessons learned sessions Design and deliver incident response exercises (eg tabletop simulations) Act as a subject matter expert (SME) for incident response processes and frameworks Collaborate with SOC teams, technical SMEs, and non-technical stakeholders Communicate IR outcomes effectively via reports, presentations, and briefings Build working relationships across internal security functions and external CNI/regulatory stakeholders Mandatory Requirements (Must-Have): Strong, recent experience in cybersecurity incident response Ability to make informed decisions during incidents (triage, escalate, communicate) Experience working in Critical National Infrastructure (CNI) sectors - eg utilities, energy, telco, banking, health, defence, or transport Working knowledge of NIST, MITRE ATT&CK, or equivalent frameworks Proven ability to communicate IR findings to technical and non-technical audiences Experience contributing to or owning IR playbooks, SOPs, or RCA documentation Must hold current SC clearance or have been previously cleared within the last 12-18 months Desirable Skills (Nice-to-Have): Experience within the energy or utilities sector Exposure to OT/ICS environments (eg SCADA, PLCs, DCS) Experience delivering or supporting tabletop IR exercises Familiarity with tools like Microsoft Sentinel, Defender, Splunk, QRadar, Tenable, CrowdStrike, etc. Industry certifications such as CISSP, GCFA, GEIR, CCIM, CISM, CEH, or equivalent What We're Not Looking For: Junior SOC analysts (L1/L2 triage only) Generalist cyber roles without deep IR exposure Candidates without experience in CNI or enterprise-scale IR
01/10/2025
Contractor
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level: Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to determine malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including disassemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. 
Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. 
Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations - including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects - based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. 
Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Qualifications What's in it for you At Accenture, in addition to a competitive basic salary, you will also have an extensive benefits package which includes 25 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. 
Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
24/09/2022
Full time
Malware Reverse Engineer Location: Remote working - Office based in Reading Salary: Competitive Salary and Benefits Career Level : Specialist, Associate Manager or Manager About Accenture Cyber Threat Intelligence (ACTI) ACTI is a global team that spans 13 countries and 4 continents and speaks more than 30 languages. We are passionate about delivering intelligence analysis, and providing industry-leading analytic insights, cyber context, and critical services our clients need to achieve their business-line and strategic-growth initiatives. We know success is only possible by developing and supporting our most-critical resources: our talented analysts, developers, and supporting team members. We value creativity and entrepreneurship in our team; where possible, we back staff initiatives with opportunities and investments. We enjoy the hunt. We strive to automate and innovate while working with powerful resources and differentiated data. Above all else, we value an egoless approach to guiding our clients as they navigate their businesses through all aspects of the cyber domain. Who You Are You are passionate about cybersecurity and intelligence analysis. You stay abreast of the latest threats, recognize the value of intelligence, and believe it should drive operations. You are a devoted team member who is always willing to lend a hand, mentor a colleague, or increase our global team's awareness by sharing your knowledge and approaches with others. You are productive, easy to work with, and understand that adherence to a good process is key to excellence. Role Description As a Malware Reverse Engineer at ACTI, you will reverse engineer and analyze malware to evaluate sophisticated malicious code to settle malware capabilities and purposes. Analysis includes the use of specialized systems and tools, including dissemblers, debuggers, hex editors, unpackers, virtual machines, and those for network traffic analysis. 
Key Responsibilities Analyze malicious events and campaigns to determine attack vectors and retrieve malware payloads. Reverse engineer files suspected or known to belong to identified malware families to determine their command-and-control (C2) infrastructure and targeting. Incorporate analysis results into detailed reporting to include purpose, behavior, C2 server infrastructure, and mitigation techniques related to analyzed malware families, malicious campaigns, and events. Track prevailing malware families, including downloaders, banking Trojans, information stealers, ransomware, and remote access Trojans. Reverse engineer recently discovered malware variants to check potential feature augmentation or configuration structure changes. Improve existing tools that extract known malware family configurations based on reverse engineering results. Research the latest malware detection evasion techniques, such as use of customized packers, customized crypters, fully undetectable (FUD) techniques, host intrusion prevention system (HIPS) bypassing, and anti-virus (AV) software bypassing. Based on research, design and develop generic unpacking methods and tools for use as standalone tools or within automated analysis systems and sandboxes. Provide customer support by responding to requests related to suspicious file analysis that sometimes require malware reverse engineering and determination of contextual information surrounding indicators of compromise; do so by providing detailed analysis reports and mitigation recommendations. Provide customer support by responding to cybersecurity requests, including those for: open-source intelligence (OSINT) research; domain, IP address, or URL analysis; malicious campaign information; and/or event attribution. Provide answers to specific questions, the answers of which clients use for operational mentorship to aid their strategies. 
Design, develop, and implement Windows kernel modules to support automated malware analysis; such modules include kernel system service filtering modules able to intercept operating system services on 32-bit and 64-bit Windows operating systems without triggering those systems' self-protection mechanisms, and kernel-mode modules able to force designated processes to load specific modules that load decoders designed for extracting malware configurations. Design, develop, and implement generic unpackers that combat widely used malware packing methods to retrieve malicious payloads from packed malware samples automatically. Create detection rules and signatures for detecting malware families, and provide detection or blocking recommendations. Develop decoders to extract malware configurations-including basic C2 settings or secondary dynamic configurations, such as those outlining targeted institutions and web injects-based on reverse engineering results. Provide junior engineers with technical training, including: training on malware analysis; reverse engineering; Windows internals; and development, identification, unpacking, and de-obfuscation of malicious code. Travel occasionally as this position may require doing so to address client needs, improve results, or otherwise support projects. Basic Qualifications Bachelor's Degree in Computer Forensics, Science, Engineering, Information Systems, or another related security field, or comparable experience. Experience with malware analysis, reverse engineering, and development. Ability to write, understand, and/or analyze code in programming and scripting languages, including Assembly x86/x64, C, C++, Python, JavaScript, Java, PHP, and HTML. Basic knowledge of and experience with malware packers, crypters, and obfuscation techniques. Understanding of operating system internals and the Windows API. Experience with debuggers, decompilers, and network traffic analysis tools. 
Development experience in Assembly, Python, C, or C++. Strong understanding of the intelligence lifecycle and associated analytic methodologies (Cyber Kill Chain, Diamond Model, ATT&CK, etc.). Practical understanding of malware analysis and/or reverse engineering, and the ability to develop malware detection signatures (e.g. YARA). Required Skills Ability to analyze and unpack obfuscated code. Strong written and verbal skills; can communicate complex concepts at a high level while retaining accuracy and highlighting features in a way that improves audience engagement. Strong problem solving and critical thinking capabilities. Desired Skills Two or more years of experience in malware analysis, reverse engineering, and development fields. Deep understanding of operating system internals and the Windows API. Ability to work with a high degree of independence. Ability to collaborate in a team environment to focus on a common goal. Qualifications What's in it for you At Accenture, in addition to a competitive basic salary, you will also have an extensive benefits package which includes 25 days' vacation per year, gym subsidy, private medical insurance and 3 extra days leave per year for charitable work of your choice! About Accenture Accenture is a leading global professional services company, providing a broad range of services in strategy and consulting, interactive, technology and operations, with digital capabilities across all of these services. We combine unmatched experience and specialized capabilities across more than 40 industries - powered by the world's largest network of Advanced Technology and Intelligent Operations centers. With 509,000 people serving clients in more than 120 countries, Accenture brings continuous innovation to help clients improve their performance and create lasting value across their enterprises. 
Visit us at Accenture is an equal opportunities employer and encourages applications from all sections of society and does not discriminate on grounds of race, religion or belief, ethnic or national origin, disability, age, citizenship, marital, domestic or civil partnership status, sexual orientation, or gender identity, or any other basis as protected by applicable law. Closing Date for Applications: 30/10/2022 Accenture reserves the right to close the role prior to this date should a suitable applicant be found.
BAE Systems Digital Intelligence
Guildford, Surrey
JOB ROLE BIO BAE Systems Digital Intelligence works with governments and businesses around the world to help them defend against cyber threats, reduce their risk in the connected world, comply with regulation and transform their operations. The Wireless Products group works with customers to develop innovative mission critical technology. Applications include software radios, space technology and underwater systems. We are looking for bright, enthusiastic and committed individuals to work as electronics engineers in one of our customer-facing product teams. Relevant industry experience is preferable but most of all we are looking for bright, enthusiastic and committed individuals with a strong academic background and the ability to learn quickly. We have a range of roles available, from graduate entry through to experienced engineers. We are interested in hearing from anyone who can make a strong contribution to our work. What you could be doing for us We'd like to hear from people keen to develop their career in engineering who have a baseline of experience in some or all of the following areas that we cover: RF PCB development. We design a variety of RF circuit boards ranging from low power embedded sensors, designed for use in harsh environments, through to high performance analogue designs for radio equipment covering bands from VLF through to millimetre wave systems. This development may involve modelling (eg using Matlab, Agilent ADS, CST, Spice etc) as well as schematic capture and RF circuit board layout. Digital, mixed signal and power PCB development. We develop a wide range of boards such as state-of-the art digital signal processing platforms incorporating the latest FPGAs, SoCs and processors. Mechanical design and system integration. We design chassis and enclosures for our PCBs to ensure the optimum solution for its intended environment. 
The designs have to be easily assembled and repaired through life but also provide for cooling and protection in challenging environments. This work often involves compliance testing for CE, airborne, military and space applications. System engineering. Most of our solutions comprise a blend of hardware, firmware and software. Early in the development lifecycle you will be involved in the design activity responsible for partitioning the functionality into these domains, taking into account the requirements and constraints. Development work, depending on the level of seniority, will include: Client interaction to understand and influence requirements, deliver solutions and be involved in bidding for new work. Development team lead, including mentoring junior engineering staff. Research and monitoring of developments in relevant technology to maintain and enhance our leading-edge capability. The main emphasis of this role is the implementation and delivery of hardware solutions; advice and support from senior technical specialists is expected to be provided, particularly in the early stages of design. What background are we looking for? We are looking for ambitious, high-calibre people with the following characteristics: Highly motivated with a strong academic background, typically in Engineering or Physics (a 2:1 or 1st class degree). Understanding of the principles of PCB circuit design and layout. Understanding of the principles of mechanical design. Experience with 3D CAD would be an advantage, but is not essential. Proven record of set-to-work and verification of complex hardware, sometimes under demanding project timescales. Competent in the use of laboratory measurement equipment (eg oscilloscopes, spectrum analysers, vector network analysers etc). An appreciation of the technologies involved in software radio. Experience in the use of software and firmware development tools and environments, e.g. 
C/C++, Java, Linux, particularly as needed to support hardware test and debug. Comfortable working on multiple projects at the same time and in a dynamic environment where deadlines and priorities are changeable. Experience of working within multi-disciplinary development teams in a project-based environment. Client-facing experience and influencing skills, as well as strong inter-personal skills. Experience of designing products for production. Experience of designing products for compliance against industry standards (eg CE, FCC, DEF STAN). How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package, the option to buy/sell and carry over from the year before. Our flexible benefits package includes: private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more. You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE. Don't know a particular technology? Your learning and development is key to your future career. You'll be part of our bonus scheme. You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. 
We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Digital Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. 
We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Digital Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
24/09/2022
Full time
BAE Systems Digital Intelligence
Gloucester, Gloucestershire
Defensive Cyber Senior FPGA Firmware Engineer The Cross-Domain (XD) team deliver high performance appliances for the Defensive Cyber market. We develop from a blank sheet with security as a primary consideration, designing the whole appliance from high performance C++, embedded software, FPGA firmware (VHDL), custom PCBs, power distribution, and thermal management. All of which has to deliver a reliable, supportable, and maintainable capability for our customers. JOB ROLE A Senior Firmware Engineer within the XD team can expect to be involved in the full lifecycle of product development, from concept, design, through delivery, and into support. We predominately use Intel (previously Altera) FPGAs, with code developed using VHDL. As this is predominately an active hands-on role, solid experience with VHDL is a must, as is a familiarity with at least 1 modern FPGA tool chain (ideally Intel but could be Xilinx, Achronix, or similar). As with most current FPGA designs, we make significant use of the provided embedded blocks within those FPGAs, so any experience in integrating with these would be highly valuable. As with most senior engineers, you would be expected to lead small teams of 1-3 junior engineers, and provide support and mentoring through their activities. The BAE Systems Digital Intelligence Cross-Domain product team consists of circa 50 people predominately based in our Gloucester office, and sits within the wider products group of approximately 200 engineers. As an integral part of the 3500-strong BAE Systems Applied Intelligence capability in the UK, we look to recruit good engineers to help meet our customers' needs. In return we offer engaging technical challenges to solve, a collaborative and trusted work environment and the opportunity to develop a career that can encompass the full range of the company's activities, from product development, research, technical consultancy, business consultancy, and customer engagement. 
Due to the nature of our work in Cross-Domain, candidates must hold, or be eligible to gain, UK security clearance and meet nationality requirements. Additionally, we cannot offer regular remote working, but do provide a flexible working environment that respects the needs of our people's personal lives. How we will support you: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package, the option to buy/sell and carry over from the year before. Our flexible benefits package includes: private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more. You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE. Don't know a particular technology? Your learning and development is key to your future career. You'll be part of our bonus scheme. You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. About BAE Systems Digital Intelligence: We help nations, governments and businesses around the world defend themselves against cyber-crime, reduce their risk in the connected world, comply with regulation, and transform their operations. We do this using our unique set of solutions, systems, experience and processes. Our success is down to our people. The changing nature of our business means that we're constantly looking for the brightest talent to help us fulfil our ambitions. As an experienced professional, we'll entrust you with responsibility; this means that you'll have client contact, variety and support from day one. We'll encourage and support you to develop your skills and reward you as you grow. Whatever your area of expertise, you'll be much more than just a job title; you'll be an integral part of the business where your individual contribution makes a difference every day. 
Great minds deserve great rewards, so we also offer a very competitive salary and benefits package. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. Staying competitive in today's global marketplace requires an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. We also welcome discussions about flexible working. Security Clearance Only those with the permanent and unrestricted right to live and work in the UK will be considered for a position within BAE Systems Applied Intelligence. Due to the nature of our work, successful candidates for this role will be required to go through Government SC clearance prior to starting with us. Life at BAE Systems Digital Intelligence We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. 
Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals. Division overview: Capabilities At BAE Systems Digital Intelligence, we pride ourselves in being a leader in the cyber defence industry, and Capabilities is the engine that keeps the business moving forward. It is the largest area of Applied Intelligence, containing our Engineering, Consulting and Project Management teams that design and implement the defence solutions and digital transformation projects that make us a globally recognised brand in both the public and private sector. As a member of the Capabilities team, you will be creating and managing the solutions that earn us our place in an ever changing digital world. We all have a role to play in defending our clients, and this is yours.
24/09/2022
Full time
Our world-class team of Vulnerability Researchers and Reverse Engineers tackle some of the most interesting problems with a meaningful and tangible impact on the national security of the UK. We are growing our VR team significantly and are looking for a diverse range of talent, from experienced Vulnerability Researchers with a proven track record to those with a keen interest and aptitude looking to develop their skills in this exciting space! We have a community of technical specialists with a friendly and inclusive culture, with great opportunities to learn from experts and make use of a carefully curated training plan with some of the best trainers and conferences available. Our focus is on a wide variety of devices, platforms and technologies. VR, RE or development experience with mobile (Android, iOS), firmware, Linux, IoT and Windows is useful, but most important is a willingness to learn, as all of our projects bring new and interesting challenges. What you will be doing for us: Performing Vulnerability Research and Reverse Engineering to handle complex and unique challenges across a myriad of platforms. Learning to use tools like Ghidra, IDA Pro, Unicorn and Frida, plus developing bespoke tooling when needed. Working in a vibrant and inclusive team of specialists where success often comes from teamwork and a diverse approach to solving problems. Developing junior members of staff with a keen interest in RE and VR to realise their potential. Ideal candidate background: An interest in and aptitude for Vulnerability Research, Reverse Engineering, and Exploit Development (either from a professional background or by demonstrating an aptitude, e.g. by playing capture the flag challenges). Low-level knowledge of how languages function across the application stack, from assembly through to interpreted languages and everything in between. Understanding of the exploit development lifecycle, from identifying bugs up to fully developed proofs of concept. 
Proficient in at least one programming language (e.g. Python, Java, C#, C++). How you will be supported: Work-life balance is important; you'll get 25 days holiday a year and, via our flexible benefits package, the option to buy/sell and carry over from the year before. You can work around core hours with flexible and part-time working. Our flexible benefits package includes private medical and dental insurance, a competitive pension scheme, cycle to work scheme, taste cards and more. You'll have a dedicated Career Manager to help you develop your career and guide you on your journey through BAE Systems Applied Intelligence. Don't know a particular technology? Your learning and development is key to your future career. You'll be part of our bonus scheme. You are welcome to join any/all of our Diversity and Support groups. These groups cover everything from gender diversity to mental health and wellbeing. Life at BAE Systems Digital Intelligence: We are embracing Hybrid Working. This means you and your colleagues may be working in different locations, such as from home, another BAE Systems office or client site, some or all of the time, and work might be going on at different times of the day. By embracing technology, we can interact, collaborate and create together, even when we're working remotely from one another. Hybrid Working allows for increased flexibility in when and where we work, helping us to balance our work and personal life more effectively, and enhance wellbeing. Diversity and inclusion are integral to the success of BAE Systems Digital Intelligence. We are proud to have an organisational culture where employees with varying perspectives, skills, life experiences and backgrounds - the best and brightest minds - can work together to achieve excellence and realise individual and organisational potential. 
About BAE Systems Digital Intelligence We use our intelligence-led insights to help defend Governments, Nations and Societies from cyber-attacks and financial crime. Our customers depend on our evolving capabilities to help them safely grow their organisations. Our unprecedented access to threat intelligence, world-leading analysts and market-leading technology means we can help them to adapt, evolve and stay ahead of the criminals.
24/09/2022
Full time
Be part of a consultancy at the cutting edge of information security. Now a part of Accenture Security, our services include a comprehensive portfolio of advisory and advanced technical cyber security services. We pride ourselves on our unique and meticulous approach to helping our clients solve their most complex information security challenges. We believe in inclusion and diversity and supporting the whole person. Our core values comprise Stewardship, Best People, Client Value Creation, One Global Network, Respect for the Individual and Integrity. As a team: You will work with some of the best in the industry, on prestigious projects with the world's most high-profile blue-chip companies, and enjoy the benefits of being part of Accenture Security. You will be using the latest technologies with clients to help them get to the next level. Do you want to work in an environment where...? You'll learn, grow and advance in an innovative culture that thrives on shared success and diverse ways of thinking, and enables boundaryless opportunities that can drive your career in new and exciting ways. If you're looking for a challenging career working in a vibrant environment with access to training and a global network of experts, this could be the role for you. In our team you will learn: The role encompasses both monitoring and responding to alerts raised by various toolsets as part of an ongoing managed security monitoring service, coupled with analysing data sets gathered from Incident Response investigations and assisting Investigative Consultants to deliver positive investigative outcomes to our breach investigation consultancy engagements. 
Qualifications
As a Lead Security Analyst, you will: Respond to alerts escalated by shift analysts; Perform detailed analysis and undertake an in-depth investigation into potential and confirmed security incidents; Escalate incidents where necessary and act as a point of contact throughout; Conduct threat hunting across client environments; Develop and refine threat hunting techniques; Review and action alerts flagged as tuning candidates; Conduct proactive threat research; Develop and implement new signatures/rules; Task and manage the delivery of junior analysts; Develop and mentor junior members of staff; Manage the delivery of SOC projects; Support client engagements and/or service meetings, representing the business to external stakeholders; Provide out-of-hours technical escalation support to shift analysts; Develop SOC playbooks. We are looking for experience and skills in any of the following: A detailed understanding of the core discipline, including knowledge of computer networks, operating systems, software, hardware, and security; An understanding of cyber security risks associated with various technologies and ways to manage them; A good working knowledge of various security technologies such as network and application firewalls, host intrusion prevention and anti-virus; Any relevant academic or industry-specific training. Set yourself apart: Ability to seek out new ways of working more efficiently; Sustain a high level of focus, effort, and energy; Share real stories and experiences to truly connect with others; Create an open environment that encourages team members to be their authentic selves; Drive activities to ensure value is added and/or requirements are met. Location: Minimum requirement to be on-site in the Cheltenham Offices 2 days per week. Mandatory Pre-requisite: SC clearance is mandatory. 
The criterion for SC clearance is that all candidates considered must have been UK residents for a minimum of 5 years, with no long periods outside of the UK.
24/09/2022
Full time